ImageMagick, Capstone, QEMU, and more updates for SUSE

SUSE 5525 Published by

Several security updates have been released for SUSE Linux, addressing vulnerabilities in various packages. Updates are available for ImageMagick, Capstone, QEMU, Podman, libvirt, PHP 8, and more. Additionally, security updates for certain packages on GA media, including libwget, python311-cbor2, ImageMagick, and apptainer, have been released.

SUSE-SU-2026:0061-1: moderate: Security update for ImageMagick
SUSE-SU-2026:0060-1: moderate: Security update for capstone
SUSE-SU-2026:0070-1: important: Security update for qemu
SUSE-SU-2026:0067-1: moderate: Security update for podman
SUSE-SU-2026:0068-1: moderate: Security update for libvirt
SUSE-SU-2026:0071-1: moderate: Security update for php8
SUSE-SU-2026:0072-1: moderate: Security update for ImageMagick
openSUSE-SU-2026:10015-1: moderate: libwget4-2.2.1-1.1 on GA media
openSUSE-SU-2026:10014-1: moderate: python311-cbor2-5.8.0-2.1 on GA media
openSUSE-SU-2026:10012-1: moderate: ImageMagick-7.1.2.12-1.1 on GA media
openSUSE-SU-2026:10013-1: moderate: apptainer-1.4.5-1.1 on GA media




SUSE-SU-2026:0061-1: moderate: Security update for ImageMagick


# Security update for ImageMagick

Announcement ID: SUSE-SU-2026:0061-1
Release Date: 2026-01-07T18:33:22Z
Rating: moderate
References:

* bsc#1255821
* bsc#1255822
* bsc#1255823

Cross-References:

* CVE-2025-68618
* CVE-2025-68950
* CVE-2025-69204

CVSS scores:

* CVE-2025-68618 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68618 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68618 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68618 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68950 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68950 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68950 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68950 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-69204 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-69204 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-69204 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-69204 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for ImageMagick fixes the following issues:

* CVE-2025-68618: read a malicious SVG file may result in a DoS attack
(bsc#1255821).
* CVE-2025-68950: check for circular references in mvg files may lead to stack
overflow (bsc#1255822).
* CVE-2025-69204: an integer overflow can lead to a DoS attack (bsc#1255823).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-61=1 openSUSE-SLE-15.6-2026-61=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* ImageMagick-debugsource-7.1.1.21-150600.3.35.1
* ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.35.1
* ImageMagick-config-7-SUSE-7.1.1.21-150600.3.35.1
* libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.35.1
* libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.35.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.35.1
* libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.35.1
* perl-PerlMagick-7.1.1.21-150600.3.35.1
* ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.35.1
* ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.35.1
* ImageMagick-debuginfo-7.1.1.21-150600.3.35.1
* ImageMagick-extra-7.1.1.21-150600.3.35.1
* libMagick++-devel-7.1.1.21-150600.3.35.1
* ImageMagick-devel-7.1.1.21-150600.3.35.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.35.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.35.1
* ImageMagick-extra-debuginfo-7.1.1.21-150600.3.35.1
* perl-PerlMagick-debuginfo-7.1.1.21-150600.3.35.1
* ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.35.1
* ImageMagick-7.1.1.21-150600.3.35.1
* openSUSE Leap 15.6 (x86_64)
* libMagick++-devel-32bit-7.1.1.21-150600.3.35.1
* libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.35.1
* libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.35.1
* libMagickWand-7_Q16HDRI10-32bit-7.1.1.21-150600.3.35.1
* libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.1.21-150600.3.35.1
* libMagickCore-7_Q16HDRI10-32bit-7.1.1.21-150600.3.35.1
* ImageMagick-devel-32bit-7.1.1.21-150600.3.35.1
* libMagick++-7_Q16HDRI5-32bit-7.1.1.21-150600.3.35.1
* openSUSE Leap 15.6 (noarch)
* ImageMagick-doc-7.1.1.21-150600.3.35.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libMagick++-7_Q16HDRI5-64bit-7.1.1.21-150600.3.35.1
* libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.1.21-150600.3.35.1
* libMagickWand-7_Q16HDRI10-64bit-7.1.1.21-150600.3.35.1
* libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.35.1
* libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.35.1
* libMagick++-devel-64bit-7.1.1.21-150600.3.35.1
* libMagickCore-7_Q16HDRI10-64bit-7.1.1.21-150600.3.35.1
* ImageMagick-devel-64bit-7.1.1.21-150600.3.35.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68618.html
* https://www.suse.com/security/cve/CVE-2025-68950.html
* https://www.suse.com/security/cve/CVE-2025-69204.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255821
* https://bugzilla.suse.com/show_bug.cgi?id=1255822
* https://bugzilla.suse.com/show_bug.cgi?id=1255823



SUSE-SU-2026:0060-1: moderate: Security update for capstone


# Security update for capstone

Announcement ID: SUSE-SU-2026:0060-1
Release Date: 2026-01-07T16:02:54Z
Rating: moderate
References:

* bsc#1255309
* bsc#1255310

Cross-References:

* CVE-2025-67873
* CVE-2025-68114

CVSS scores:

* CVE-2025-67873 ( SUSE ): 2.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-67873 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-67873 ( NVD ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-67873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-68114 ( SUSE ): 2.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68114 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2025-68114 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-68114 ( NVD ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Server Applications Module 15-SP7
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for capstone fixes the following issues:

Security issues fixed:

* CVE-2025-67873: missing bounds check on user-provided skipdata callback can
lead to a heap buffer overflow (bsc#1255309).
* CVE-2025-68114: unchecked `vsnprintf` return value can lead to a stack
buffer overflow (bsc#1255310).

Other updates and bugfixes:

* Enable static library, and add `libcapstone-devel-static` subpackage.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-60=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-60=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-60=1

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-60=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libcapstone4-debuginfo-4.0.2-150500.3.3.1
* capstone-4.0.2-150500.3.3.1
* capstone-debuginfo-4.0.2-150500.3.3.1
* capstone-debugsource-4.0.2-150500.3.3.1
* libcapstone4-4.0.2-150500.3.3.1
* libcapstone-devel-4.0.2-150500.3.3.1
* libcapstone-devel-static-4.0.2-150500.3.3.1
* openSUSE Leap 15.5 (noarch)
* capstone-doc-4.0.2-150500.3.3.1
* python3-capstone-4.0.2-150500.3.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libcapstone4-debuginfo-4.0.2-150500.3.3.1
* capstone-4.0.2-150500.3.3.1
* capstone-debuginfo-4.0.2-150500.3.3.1
* capstone-debugsource-4.0.2-150500.3.3.1
* libcapstone4-4.0.2-150500.3.3.1
* libcapstone-devel-4.0.2-150500.3.3.1
* openSUSE Leap 15.6 (noarch)
* capstone-doc-4.0.2-150500.3.3.1
* python3-capstone-4.0.2-150500.3.3.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libcapstone4-debuginfo-4.0.2-150500.3.3.1
* capstone-debuginfo-4.0.2-150500.3.3.1
* capstone-debugsource-4.0.2-150500.3.3.1
* libcapstone4-4.0.2-150500.3.3.1
* Server Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libcapstone4-debuginfo-4.0.2-150500.3.3.1
* capstone-debuginfo-4.0.2-150500.3.3.1
* capstone-debugsource-4.0.2-150500.3.3.1
* libcapstone4-4.0.2-150500.3.3.1
* libcapstone-devel-4.0.2-150500.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2025-67873.html
* https://www.suse.com/security/cve/CVE-2025-68114.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255309
* https://bugzilla.suse.com/show_bug.cgi?id=1255310



SUSE-SU-2026:0070-1: important: Security update for qemu


# Security update for qemu

Announcement ID: SUSE-SU-2026:0070-1
Release Date: 2026-01-08T13:22:00Z
Rating: important
References:

* bsc#1209554
* bsc#1227397

Cross-References:

* CVE-2023-1544
* CVE-2024-6505

CVSS scores:

* CVE-2023-1544 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H
* CVE-2023-1544 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
* CVE-2023-1544 ( NVD ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-6505 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-6505 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-6505 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves two vulnerabilities can now be installed.

## Description:

This update for qemu fixes the following issues:

* CVE-2024-6505: Fixed queue index out-of-bounds access in software RSS
(bsc#1227397)
* CVE-2023-1544: Fixed out-of-bounds read in pvrdma_ring_next_elem_read()
(bsc#1209554)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-70=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-70=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2026-70=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* qemu-s390x-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-pci-5.2.0-150300.138.1
* qemu-tools-5.2.0-150300.138.1
* qemu-block-dmg-5.2.0-150300.138.1
* qemu-extra-5.2.0-150300.138.1
* qemu-ui-gtk-debuginfo-5.2.0-150300.138.1
* qemu-ui-opengl-debuginfo-5.2.0-150300.138.1
* qemu-testsuite-5.2.0-150300.138.2
* qemu-block-dmg-debuginfo-5.2.0-150300.138.1
* qemu-hw-usb-redirect-debuginfo-5.2.0-150300.138.1
* qemu-hw-usb-smartcard-debuginfo-5.2.0-150300.138.1
* qemu-ui-opengl-5.2.0-150300.138.1
* qemu-ui-spice-app-5.2.0-150300.138.1
* qemu-audio-spice-debuginfo-5.2.0-150300.138.1
* qemu-ui-gtk-5.2.0-150300.138.1
* qemu-linux-user-debuginfo-5.2.0-150300.138.1
* qemu-guest-agent-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-5.2.0-150300.138.1
* qemu-5.2.0-150300.138.1
* qemu-arm-5.2.0-150300.138.1
* qemu-chardev-spice-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-qxl-debuginfo-5.2.0-150300.138.1
* qemu-audio-pa-debuginfo-5.2.0-150300.138.1
* qemu-chardev-baum-debuginfo-5.2.0-150300.138.1
* qemu-block-iscsi-5.2.0-150300.138.1
* qemu-guest-agent-5.2.0-150300.138.1
* qemu-ivshmem-tools-debuginfo-5.2.0-150300.138.1
* qemu-block-gluster-5.2.0-150300.138.1
* qemu-s390x-debuginfo-5.2.0-150300.138.1
* qemu-ui-curses-debuginfo-5.2.0-150300.138.1
* qemu-ui-spice-core-5.2.0-150300.138.1
* qemu-audio-alsa-5.2.0-150300.138.1
* qemu-vhost-user-gpu-debuginfo-5.2.0-150300.138.1
* qemu-lang-5.2.0-150300.138.1
* qemu-block-nfs-5.2.0-150300.138.1
* qemu-block-ssh-debuginfo-5.2.0-150300.138.1
* qemu-hw-s390x-virtio-gpu-ccw-5.2.0-150300.138.1
* qemu-ksm-5.2.0-150300.138.1
* qemu-arm-debuginfo-5.2.0-150300.138.1
* qemu-block-curl-debuginfo-5.2.0-150300.138.1
* qemu-x86-5.2.0-150300.138.1
* qemu-ui-spice-app-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.138.1
* qemu-chardev-spice-5.2.0-150300.138.1
* qemu-audio-pa-5.2.0-150300.138.1
* qemu-hw-display-qxl-5.2.0-150300.138.1
* qemu-linux-user-debugsource-5.2.0-150300.138.1
* qemu-audio-alsa-debuginfo-5.2.0-150300.138.1
* qemu-debugsource-5.2.0-150300.138.1
* qemu-debuginfo-5.2.0-150300.138.1
* qemu-extra-debuginfo-5.2.0-150300.138.1
* qemu-x86-debuginfo-5.2.0-150300.138.1
* qemu-block-nfs-debuginfo-5.2.0-150300.138.1
* qemu-ppc-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-5.2.0-150300.138.1
* qemu-ivshmem-tools-5.2.0-150300.138.1
* qemu-ui-spice-core-debuginfo-5.2.0-150300.138.1
* qemu-block-ssh-5.2.0-150300.138.1
* qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.138.1
* qemu-ppc-5.2.0-150300.138.1
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-vga-5.2.0-150300.138.1
* qemu-tools-debuginfo-5.2.0-150300.138.1
* qemu-block-gluster-debuginfo-5.2.0-150300.138.1
* qemu-block-iscsi-debuginfo-5.2.0-150300.138.1
* qemu-audio-spice-5.2.0-150300.138.1
* qemu-hw-usb-redirect-5.2.0-150300.138.1
* qemu-block-curl-5.2.0-150300.138.1
* qemu-vhost-user-gpu-5.2.0-150300.138.1
* qemu-hw-usb-smartcard-5.2.0-150300.138.1
* qemu-linux-user-5.2.0-150300.138.1
* qemu-chardev-baum-5.2.0-150300.138.1
* qemu-ui-curses-5.2.0-150300.138.1
* openSUSE Leap 15.3 (s390x x86_64 i586)
* qemu-kvm-5.2.0-150300.138.1
* openSUSE Leap 15.3 (noarch)
* qemu-microvm-5.2.0-150300.138.1
* qemu-SLOF-5.2.0-150300.138.1
* qemu-seabios-1.14.0_0_g155821a-150300.138.1
* qemu-skiboot-5.2.0-150300.138.1
* qemu-sgabios-8-150300.138.1
* qemu-vgabios-1.14.0_0_g155821a-150300.138.1
* qemu-ipxe-1.0.0+-150300.138.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64)
* qemu-block-rbd-debuginfo-5.2.0-150300.138.1
* qemu-block-rbd-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* qemu-tools-5.2.0-150300.138.1
* qemu-hw-usb-redirect-debuginfo-5.2.0-150300.138.1
* qemu-ui-opengl-5.2.0-150300.138.1
* qemu-audio-spice-debuginfo-5.2.0-150300.138.1
* qemu-guest-agent-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-qxl-debuginfo-5.2.0-150300.138.1
* qemu-5.2.0-150300.138.1
* qemu-ui-opengl-debuginfo-5.2.0-150300.138.1
* qemu-chardev-spice-debuginfo-5.2.0-150300.138.1
* qemu-guest-agent-5.2.0-150300.138.1
* qemu-ui-spice-core-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.138.1
* qemu-chardev-spice-5.2.0-150300.138.1
* qemu-hw-display-qxl-5.2.0-150300.138.1
* qemu-debugsource-5.2.0-150300.138.1
* qemu-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-5.2.0-150300.138.1
* qemu-ui-spice-core-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-vga-5.2.0-150300.138.1
* qemu-tools-debuginfo-5.2.0-150300.138.1
* qemu-audio-spice-5.2.0-150300.138.1
* qemu-hw-usb-redirect-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro 5.2 (aarch64)
* qemu-arm-debuginfo-5.2.0-150300.138.1
* qemu-arm-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro 5.2 (noarch)
* qemu-seabios-1.14.0_0_g155821a-150300.138.1
* qemu-sgabios-8-150300.138.1
* qemu-vgabios-1.14.0_0_g155821a-150300.138.1
* qemu-ipxe-1.0.0+-150300.138.1
* SUSE Linux Enterprise Micro 5.2 (s390x)
* qemu-s390x-5.2.0-150300.138.1
* qemu-s390x-debuginfo-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro 5.2 (x86_64)
* qemu-x86-5.2.0-150300.138.1
* qemu-x86-debuginfo-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* qemu-tools-5.2.0-150300.138.1
* qemu-hw-usb-redirect-debuginfo-5.2.0-150300.138.1
* qemu-ui-opengl-5.2.0-150300.138.1
* qemu-audio-spice-debuginfo-5.2.0-150300.138.1
* qemu-guest-agent-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-qxl-debuginfo-5.2.0-150300.138.1
* qemu-5.2.0-150300.138.1
* qemu-ui-opengl-debuginfo-5.2.0-150300.138.1
* qemu-chardev-spice-debuginfo-5.2.0-150300.138.1
* qemu-guest-agent-5.2.0-150300.138.1
* qemu-ui-spice-core-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-debuginfo-5.2.0-150300.138.1
* qemu-chardev-spice-5.2.0-150300.138.1
* qemu-hw-display-qxl-5.2.0-150300.138.1
* qemu-debugsource-5.2.0-150300.138.1
* qemu-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-gpu-5.2.0-150300.138.1
* qemu-ui-spice-core-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-vga-debuginfo-5.2.0-150300.138.1
* qemu-hw-display-virtio-vga-5.2.0-150300.138.1
* qemu-tools-debuginfo-5.2.0-150300.138.1
* qemu-audio-spice-5.2.0-150300.138.1
* qemu-hw-usb-redirect-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64)
* qemu-arm-debuginfo-5.2.0-150300.138.1
* qemu-arm-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (noarch)
* qemu-seabios-1.14.0_0_g155821a-150300.138.1
* qemu-sgabios-8-150300.138.1
* qemu-vgabios-1.14.0_0_g155821a-150300.138.1
* qemu-ipxe-1.0.0+-150300.138.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (s390x)
* qemu-s390x-5.2.0-150300.138.1
* qemu-s390x-debuginfo-5.2.0-150300.138.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
* qemu-x86-5.2.0-150300.138.1
* qemu-x86-debuginfo-5.2.0-150300.138.1

## References:

* https://www.suse.com/security/cve/CVE-2023-1544.html
* https://www.suse.com/security/cve/CVE-2024-6505.html
* https://bugzilla.suse.com/show_bug.cgi?id=1209554
* https://bugzilla.suse.com/show_bug.cgi?id=1227397



SUSE-SU-2026:0067-1: moderate: Security update for podman


# Security update for podman

Announcement ID: SUSE-SU-2026:0067-1
Release Date: 2026-01-08T12:22:22Z
Rating: moderate
References:

* bsc#1253993

Cross-References:

* CVE-2025-47914

CVSS scores:

* CVE-2025-47914 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47914 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Containers Module 15-SP7
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2025-47914: Fixed ssh-agent that could cause a panic due to an out-of-
bounds read with non validated message size (bsc#1253993)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-67=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2026-67=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-67=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-67=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* podman-debuginfo-4.9.5-150500.3.62.2
* podman-4.9.5-150500.3.62.2
* podmansh-4.9.5-150500.3.62.2
* podman-remote-4.9.5-150500.3.62.2
* podman-remote-debuginfo-4.9.5-150500.3.62.2
* openSUSE Leap 15.5 (noarch)
* podman-docker-4.9.5-150500.3.62.2
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* podman-debuginfo-4.9.5-150500.3.62.2
* podman-4.9.5-150500.3.62.2
* podmansh-4.9.5-150500.3.62.2
* podman-remote-4.9.5-150500.3.62.2
* podman-remote-debuginfo-4.9.5-150500.3.62.2
* openSUSE Leap 15.6 (noarch)
* podman-docker-4.9.5-150500.3.62.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* podman-debuginfo-4.9.5-150500.3.62.2
* podman-4.9.5-150500.3.62.2
* podmansh-4.9.5-150500.3.62.2
* podman-remote-4.9.5-150500.3.62.2
* podman-remote-debuginfo-4.9.5-150500.3.62.2
* SUSE Linux Enterprise Micro 5.5 (noarch)
* podman-docker-4.9.5-150500.3.62.2
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* podman-debuginfo-4.9.5-150500.3.62.2
* podman-4.9.5-150500.3.62.2
* podmansh-4.9.5-150500.3.62.2
* podman-remote-4.9.5-150500.3.62.2
* podman-remote-debuginfo-4.9.5-150500.3.62.2
* Containers Module 15-SP7 (noarch)
* podman-docker-4.9.5-150500.3.62.2

## References:

* https://www.suse.com/security/cve/CVE-2025-47914.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253993



SUSE-SU-2026:0068-1: moderate: Security update for libvirt


# Security update for libvirt

Announcement ID: SUSE-SU-2026:0068-1
Release Date: 2026-01-08T12:22:41Z
Rating: moderate
References:

* bsc#1253278
* bsc#1253703

Cross-References:

* CVE-2025-12748
* CVE-2025-13193

CVSS scores:

* CVE-2025-12748 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-12748 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-12748 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-13193 ( SUSE ): 5.7
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2025-13193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-13193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for libvirt fixes the following issues:

* CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive
snapshots (bsc#1253703)
* CVE-2025-12748: Fixed Check ACLs before parsing the whole domain XML
(bsc#1253278)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-68=1 openSUSE-SLE-15.6-2026-68=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libvirt-daemon-log-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-iscsi-direct-10.0.0-150600.8.12.1
* libvirt-client-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-scsi-10.0.0-150600.8.12.1
* libvirt-libs-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-nwfilter-10.0.0-150600.8.12.1
* libvirt-daemon-plugin-sanlock-10.0.0-150600.8.12.1
* libvirt-daemon-driver-lxc-10.0.0-150600.8.12.1
* libvirt-client-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-nodedev-10.0.0-150600.8.12.1
* wireshark-plugin-libvirt-10.0.0-150600.8.12.1
* libvirt-daemon-lock-10.0.0-150600.8.12.1
* libvirt-daemon-config-network-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-gluster-10.0.0-150600.8.12.1
* libvirt-daemon-driver-interface-10.0.0-150600.8.12.1
* libvirt-10.0.0-150600.8.12.1
* libvirt-daemon-driver-secret-10.0.0-150600.8.12.1
* libvirt-daemon-driver-interface-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-qemu-10.0.0-150600.8.12.1
* libvirt-libs-10.0.0-150600.8.12.1
* libvirt-daemon-driver-network-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-nodedev-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-10.0.0-150600.8.12.1
* libvirt-daemon-driver-qemu-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-lxc-10.0.0-150600.8.12.1
* libvirt-daemon-plugin-sanlock-debuginfo-10.0.0-150600.8.12.1
* libvirt-client-qemu-10.0.0-150600.8.12.1
* libvirt-daemon-qemu-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-scsi-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-common-10.0.0-150600.8.12.1
* libvirt-nss-debuginfo-10.0.0-150600.8.12.1
* wireshark-plugin-libvirt-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-config-nwfilter-10.0.0-150600.8.12.1
* libvirt-daemon-plugin-lockd-10.0.0-150600.8.12.1
* libvirt-debugsource-10.0.0-150600.8.12.1
* libvirt-daemon-log-10.0.0-150600.8.12.1
* libvirt-daemon-plugin-lockd-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-iscsi-10.0.0-150600.8.12.1
* libvirt-nss-10.0.0-150600.8.12.1
* libvirt-daemon-lock-debuginfo-10.0.0-150600.8.12.1
* libvirt-devel-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-nwfilter-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-logical-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-lxc-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-core-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-disk-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-secret-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-mpath-10.0.0-150600.8.12.1
* libvirt-daemon-hooks-10.0.0-150600.8.12.1
* libvirt-daemon-proxy-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-logical-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-disk-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-core-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-mpath-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-network-10.0.0-150600.8.12.1
* libvirt-daemon-proxy-10.0.0-150600.8.12.1
* libvirt-daemon-common-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-gluster-debuginfo-10.0.0-150600.8.12.1
* openSUSE Leap 15.6 (x86_64)
* libvirt-daemon-driver-libxl-10.0.0-150600.8.12.1
* libvirt-daemon-driver-libxl-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-xen-10.0.0-150600.8.12.1
* libvirt-client-32bit-debuginfo-10.0.0-150600.8.12.1
* libvirt-devel-32bit-10.0.0-150600.8.12.1
* openSUSE Leap 15.6 (noarch)
* libvirt-doc-10.0.0-150600.8.12.1
* openSUSE Leap 15.6 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-150600.8.12.1
* libvirt-daemon-driver-storage-rbd-10.0.0-150600.8.12.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libvirt-client-64bit-debuginfo-10.0.0-150600.8.12.1
* libvirt-devel-64bit-10.0.0-150600.8.12.1

## References:

* https://www.suse.com/security/cve/CVE-2025-12748.html
* https://www.suse.com/security/cve/CVE-2025-13193.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253278
* https://bugzilla.suse.com/show_bug.cgi?id=1253703



SUSE-SU-2026:0071-1: moderate: Security update for php8


# Security update for php8

Announcement ID: SUSE-SU-2026:0071-1
Release Date: 2026-01-08T13:22:08Z
Rating: moderate
References:

* bsc#1255710
* bsc#1255711
* bsc#1255712

Cross-References:

* CVE-2025-14177
* CVE-2025-14178
* CVE-2025-14180

CVSS scores:

* CVE-2025-14177 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
* CVE-2025-14177 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-14177 ( NVD ): 6.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-14178 ( SUSE ): 8.3
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14178 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-14178 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-14180 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14180 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-14180 ( NVD ): 8.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for php8 fixes the following issues:

Security fixes:

* CVE-2025-14177: getimagesize() function may leak uninitialized heap memory
into the APPn segments when reading images in multi-chunk mode
(bsc#1255710).
* CVE-2025-14178: heap buffer overflow occurs in array_merge() when the total
element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE
(bsc#1255711).
* CVE-2025-14180: null pointer dereference in pdo_parse_params() function when
using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled
(bsc#1255712).

Other fixes:

* Update to 8.2.30: Curl: Fix curl build and test failures with version 8.16.
Opcache: Reset global pointers to prevent use-after-free in
zend_jit_status(). PDO: Fixed GHSA-8xr5-qppj-gvwj (PDO quoting result null
deref). (CVE-2025-14180) Standard: Fixed GHSA-www2-q4fc-65wf (Null byte
termination in dns_get_record()). Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer
overflow in array_merge()). (CVE-2025-14178) Fixed GHSA-3237-qqm7-mfv7
(Information Leak of Memory in getimagesize). (CVE-2025-14177)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-71=1 openSUSE-SLE-15.6-2026-71=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* php8-pgsql-debuginfo-8.2.30-150600.3.25.1
* php8-posix-debuginfo-8.2.30-150600.3.25.1
* php8-odbc-8.2.30-150600.3.25.1
* php8-sodium-debuginfo-8.2.30-150600.3.25.1
* php8-bz2-debuginfo-8.2.30-150600.3.25.1
* php8-debuginfo-8.2.30-150600.3.25.1
* php8-sysvmsg-debuginfo-8.2.30-150600.3.25.1
* php8-openssl-debuginfo-8.2.30-150600.3.25.1
* php8-snmp-8.2.30-150600.3.25.1
* php8-mbstring-8.2.30-150600.3.25.1
* php8-mbstring-debuginfo-8.2.30-150600.3.25.1
* php8-fpm-debugsource-8.2.30-150600.3.25.1
* php8-sockets-debuginfo-8.2.30-150600.3.25.1
* php8-devel-8.2.30-150600.3.25.1
* php8-cli-debuginfo-8.2.30-150600.3.25.1
* php8-opcache-8.2.30-150600.3.25.1
* php8-dba-debuginfo-8.2.30-150600.3.25.1
* php8-tokenizer-8.2.30-150600.3.25.1
* php8-xmlreader-8.2.30-150600.3.25.1
* php8-posix-8.2.30-150600.3.25.1
* php8-embed-8.2.30-150600.3.25.1
* php8-embed-debugsource-8.2.30-150600.3.25.1
* php8-gmp-8.2.30-150600.3.25.1
* php8-sysvshm-debuginfo-8.2.30-150600.3.25.1
* php8-odbc-debuginfo-8.2.30-150600.3.25.1
* php8-xsl-8.2.30-150600.3.25.1
* php8-tidy-8.2.30-150600.3.25.1
* php8-fileinfo-8.2.30-150600.3.25.1
* php8-bz2-8.2.30-150600.3.25.1
* php8-ctype-8.2.30-150600.3.25.1
* php8-ffi-8.2.30-150600.3.25.1
* php8-snmp-debuginfo-8.2.30-150600.3.25.1
* php8-mysql-debuginfo-8.2.30-150600.3.25.1
* php8-gd-debuginfo-8.2.30-150600.3.25.1
* php8-ldap-8.2.30-150600.3.25.1
* php8-fpm-8.2.30-150600.3.25.1
* php8-calendar-8.2.30-150600.3.25.1
* php8-xsl-debuginfo-8.2.30-150600.3.25.1
* php8-pcntl-debuginfo-8.2.30-150600.3.25.1
* php8-curl-debuginfo-8.2.30-150600.3.25.1
* php8-sodium-8.2.30-150600.3.25.1
* php8-bcmath-debuginfo-8.2.30-150600.3.25.1
* php8-readline-8.2.30-150600.3.25.1
* php8-fastcgi-8.2.30-150600.3.25.1
* php8-zip-8.2.30-150600.3.25.1
* php8-xmlreader-debuginfo-8.2.30-150600.3.25.1
* php8-intl-8.2.30-150600.3.25.1
* php8-dom-debuginfo-8.2.30-150600.3.25.1
* php8-sqlite-debuginfo-8.2.30-150600.3.25.1
* php8-sysvmsg-8.2.30-150600.3.25.1
* php8-zlib-debuginfo-8.2.30-150600.3.25.1
* php8-tokenizer-debuginfo-8.2.30-150600.3.25.1
* php8-xmlwriter-8.2.30-150600.3.25.1
* php8-phar-8.2.30-150600.3.25.1
* php8-enchant-8.2.30-150600.3.25.1
* php8-intl-debuginfo-8.2.30-150600.3.25.1
* php8-soap-8.2.30-150600.3.25.1
* php8-curl-8.2.30-150600.3.25.1
* php8-tidy-debuginfo-8.2.30-150600.3.25.1
* php8-exif-8.2.30-150600.3.25.1
* php8-opcache-debuginfo-8.2.30-150600.3.25.1
* php8-fastcgi-debugsource-8.2.30-150600.3.25.1
* php8-ftp-8.2.30-150600.3.25.1
* php8-fpm-debuginfo-8.2.30-150600.3.25.1
* php8-enchant-debuginfo-8.2.30-150600.3.25.1
* php8-openssl-8.2.30-150600.3.25.1
* php8-cli-8.2.30-150600.3.25.1
* apache2-mod_php8-debugsource-8.2.30-150600.3.25.1
* php8-8.2.30-150600.3.25.1
* php8-sysvsem-debuginfo-8.2.30-150600.3.25.1
* php8-gmp-debuginfo-8.2.30-150600.3.25.1
* php8-ffi-debuginfo-8.2.30-150600.3.25.1
* php8-pdo-debuginfo-8.2.30-150600.3.25.1
* php8-dom-8.2.30-150600.3.25.1
* php8-shmop-8.2.30-150600.3.25.1
* php8-bcmath-8.2.30-150600.3.25.1
* php8-gd-8.2.30-150600.3.25.1
* apache2-mod_php8-8.2.30-150600.3.25.1
* php8-pcntl-8.2.30-150600.3.25.1
* php8-zlib-8.2.30-150600.3.25.1
* php8-phar-debuginfo-8.2.30-150600.3.25.1
* php8-debugsource-8.2.30-150600.3.25.1
* php8-sqlite-8.2.30-150600.3.25.1
* php8-embed-debuginfo-8.2.30-150600.3.25.1
* php8-sockets-8.2.30-150600.3.25.1
* php8-zip-debuginfo-8.2.30-150600.3.25.1
* php8-gettext-8.2.30-150600.3.25.1
* php8-test-8.2.30-150600.3.25.1
* php8-ctype-debuginfo-8.2.30-150600.3.25.1
* php8-calendar-debuginfo-8.2.30-150600.3.25.1
* php8-ldap-debuginfo-8.2.30-150600.3.25.1
* php8-exif-debuginfo-8.2.30-150600.3.25.1
* php8-gettext-debuginfo-8.2.30-150600.3.25.1
* php8-pdo-8.2.30-150600.3.25.1
* apache2-mod_php8-debuginfo-8.2.30-150600.3.25.1
* php8-shmop-debuginfo-8.2.30-150600.3.25.1
* php8-iconv-debuginfo-8.2.30-150600.3.25.1
* php8-iconv-8.2.30-150600.3.25.1
* php8-fastcgi-debuginfo-8.2.30-150600.3.25.1
* php8-soap-debuginfo-8.2.30-150600.3.25.1
* php8-mysql-8.2.30-150600.3.25.1
* php8-dba-8.2.30-150600.3.25.1
* php8-sysvshm-8.2.30-150600.3.25.1
* php8-fileinfo-debuginfo-8.2.30-150600.3.25.1
* php8-pgsql-8.2.30-150600.3.25.1
* php8-xmlwriter-debuginfo-8.2.30-150600.3.25.1
* php8-readline-debuginfo-8.2.30-150600.3.25.1
* php8-ftp-debuginfo-8.2.30-150600.3.25.1
* php8-sysvsem-8.2.30-150600.3.25.1
* openSUSE Leap 15.6 (noarch)
* php8-fpm-apache-8.2.30-150600.3.25.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14177.html
* https://www.suse.com/security/cve/CVE-2025-14178.html
* https://www.suse.com/security/cve/CVE-2025-14180.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255710
* https://bugzilla.suse.com/show_bug.cgi?id=1255711
* https://bugzilla.suse.com/show_bug.cgi?id=1255712



SUSE-SU-2026:0072-1: moderate: Security update for ImageMagick


# Security update for ImageMagick

Announcement ID: SUSE-SU-2026:0072-1
Release Date: 2026-01-08T13:22:28Z
Rating: moderate
References:

* bsc#1255821
* bsc#1255822

Cross-References:

* CVE-2025-68618
* CVE-2025-68950

CVSS scores:

* CVE-2025-68618 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68618 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68618 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68618 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68950 ( SUSE ): 5.1
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68950 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68950 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-68950 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* Desktop Applications Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for ImageMagick fixes the following issues:

* CVE-2025-68618: read a malicious SVG file may result in a DoS attack
(bsc#1255821).
* CVE-2025-68950: check for circular references in mvg files may lead to stack
overflow (bsc#1255822).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-72=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-72=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.61.1
* ImageMagick-extra-debuginfo-7.1.0.9-150400.6.61.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.61.1
* ImageMagick-devel-7.1.0.9-150400.6.61.1
* libMagick++-devel-7.1.0.9-150400.6.61.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.61.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.61.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.61.1
* ImageMagick-7.1.0.9-150400.6.61.1
* ImageMagick-debugsource-7.1.0.9-150400.6.61.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.61.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.61.1
* ImageMagick-extra-7.1.0.9-150400.6.61.1
* perl-PerlMagick-7.1.0.9-150400.6.61.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.61.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.61.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.61.1
* openSUSE Leap 15.4 (x86_64)
* libMagickCore-7_Q16HDRI10-32bit-7.1.0.9-150400.6.61.1
* libMagick++-devel-32bit-7.1.0.9-150400.6.61.1
* ImageMagick-devel-32bit-7.1.0.9-150400.6.61.1
* libMagickWand-7_Q16HDRI10-32bit-7.1.0.9-150400.6.61.1
* libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.0.9-150400.6.61.1
* libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.61.1
* libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.61.1
* libMagick++-7_Q16HDRI5-32bit-7.1.0.9-150400.6.61.1
* openSUSE Leap 15.4 (noarch)
* ImageMagick-doc-7.1.0.9-150400.6.61.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libMagick++-devel-64bit-7.1.0.9-150400.6.61.1
* libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.0.9-150400.6.61.1
* libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.61.1
* libMagickCore-7_Q16HDRI10-64bit-7.1.0.9-150400.6.61.1
* libMagick++-7_Q16HDRI5-64bit-7.1.0.9-150400.6.61.1
* libMagickWand-7_Q16HDRI10-64bit-7.1.0.9-150400.6.61.1
* libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.61.1
* ImageMagick-devel-64bit-7.1.0.9-150400.6.61.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.61.1
* ImageMagick-debugsource-7.1.0.9-150400.6.61.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.61.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68618.html
* https://www.suse.com/security/cve/CVE-2025-68950.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255821
* https://bugzilla.suse.com/show_bug.cgi?id=1255822



openSUSE-SU-2026:10015-1: moderate: libwget4-2.2.1-1.1 on GA media


# libwget4-2.2.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10015-1
Rating: moderate

Cross-References:

* CVE-2025-69194
* CVE-2025-69195

Affected Products:

* openSUSE Tumbleweed

An update that solves 2 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libwget4-2.2.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libwget4 2.2.1-1.1
* wget2 2.2.1-1.1
* wget2-devel 2.2.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-69194.html
* https://www.suse.com/security/cve/CVE-2025-69195.html



openSUSE-SU-2026:10014-1: moderate: python311-cbor2-5.8.0-2.1 on GA media


# python311-cbor2-5.8.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10014-1
Rating: moderate

Cross-References:

* CVE-2025-68131

CVSS scores:

* CVE-2025-68131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-68131 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-cbor2-5.8.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-cbor2 5.8.0-2.1
* python312-cbor2 5.8.0-2.1
* python313-cbor2 5.8.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68131.html



openSUSE-SU-2026:10012-1: moderate: ImageMagick-7.1.2.12-1.1 on GA media


# ImageMagick-7.1.2.12-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10012-1
Rating: moderate

Cross-References:

* CVE-2025-68618
* CVE-2025-68950
* CVE-2025-69204

CVSS scores:

* CVE-2025-68618 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68618 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-68950 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-68950 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-69204 ( SUSE ): 4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-69204 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the ImageMagick-7.1.2.12-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ImageMagick 7.1.2.12-1.1
* ImageMagick-config-7-SUSE 7.1.2.12-1.1
* ImageMagick-devel 7.1.2.12-1.1
* ImageMagick-devel-32bit 7.1.2.12-1.1
* ImageMagick-doc 7.1.2.12-1.1
* ImageMagick-extra 7.1.2.12-1.1
* libMagick++-7_Q16HDRI5 7.1.2.12-1.1
* libMagick++-7_Q16HDRI5-32bit 7.1.2.12-1.1
* libMagick++-devel 7.1.2.12-1.1
* libMagick++-devel-32bit 7.1.2.12-1.1
* libMagickCore-7_Q16HDRI10 7.1.2.12-1.1
* libMagickCore-7_Q16HDRI10-32bit 7.1.2.12-1.1
* libMagickWand-7_Q16HDRI10 7.1.2.12-1.1
* libMagickWand-7_Q16HDRI10-32bit 7.1.2.12-1.1
* perl-PerlMagick 7.1.2.12-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-68618.html
* https://www.suse.com/security/cve/CVE-2025-68950.html
* https://www.suse.com/security/cve/CVE-2025-69204.html



openSUSE-SU-2026:10013-1: moderate: apptainer-1.4.5-1.1 on GA media


# apptainer-1.4.5-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10013-1
Rating: moderate

Cross-References:

* CVE-2025-22872
* CVE-2025-47913
* CVE-2025-47914
* CVE-2025-58181
* CVE-2025-65105
* CVE-2025-8556

CVSS scores:

* CVE-2025-22872 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
* CVE-2025-22872 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L
* CVE-2025-47913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-47913 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-47914 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-47914 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-58181 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2025-58181 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2025-65105 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* openSUSE Tumbleweed

An update that solves 6 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the apptainer-1.4.5-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* apptainer 1.4.5-1.1
* apptainer-leap 1.4.5-1.1
* apptainer-sle15_7 1.4.5-1.1
* apptainer-sle16 1.4.5-1.1

## References:

* https://www.suse.com/security/cve/CVE-2025-22872.html
* https://www.suse.com/security/cve/CVE-2025-47913.html
* https://www.suse.com/security/cve/CVE-2025-47914.html
* https://www.suse.com/security/cve/CVE-2025-58181.html
* https://www.suse.com/security/cve/CVE-2025-65105.html
* https://www.suse.com/security/cve/CVE-2025-8556.html


Libtasn1 update for Slackware

Libvirt, Tornado, GnuPG, Sodium, GPSd updates for Ubuntu

Windows

Linux

macOS

Community

  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...