ImageMagick, OpenSSH, BuildAH, and more updates for SUSE

SUSE 5653 Published by

SUSE released a batch of critical security updates to address severe vulnerabilities across numerous widely used applications. The patches fix dangerous flaws like heap buffer overflows in ImageMagick, command injection risks in Vim, and denial of service weaknesses in OpenSSH alongside the PostgreSQL JDBC driver. Several announcements also rebuild core components against updated Go releases or resolve multiple high-severity issues in Firefox ESR and system libraries.

SUSE-SU-2026:2020-1: important: Security update for ImageMagick
SUSE-SU-2026:2022-1: important: Security update for ImageMagick
SUSE-SU-2026:2024-1: important: Security update for openssh
SUSE-SU-2026:2030-1: important: Security update for buildah
SUSE-SU-2026:2029-1: moderate: Security update for vim
SUSE-SU-2026:2032-1: important: Security update for distribution
SUSE-SU-2026:2028-1: important: Security update for postgresql-jdbc
SUSE-SU-2026:2034-1: important: Security update for buildah
openSUSE-SU-2026:10812-1: moderate: distribution-registry-3.1.1-1.1 on GA media
openSUSE-SU-2026:10816-1: moderate: libpainter0-0.9.27-2.1 on GA media
openSUSE-SU-2026:10815-1: moderate: libsdb2_4_2-6.1.4-2.1 on GA media
openSUSE-SU-2026:10814-1: moderate: helm-4.2.0-1.1 on GA media
openSUSE-SU-2026:10813-1: moderate: firefox-esr-140.11.0-1.1 on GA media




SUSE-SU-2026:2020-1: important: Security update for ImageMagick


# Security update for ImageMagick

Announcement ID: SUSE-SU-2026:2020-1
Release Date: 2026-05-20T07:14:12Z
Rating: important
References:

* bsc#1259528
* bsc#1265048

Cross-References:

* CVE-2026-31853
* CVE-2026-42050

CVSS scores:

* CVE-2026-31853 ( SUSE ): 8.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31853 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-31853 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-31853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Desktop Applications Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves two vulnerabilities can now be installed.

## Description:

This update for ImageMagick fixes the following issues

* CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of
32-bit systems when processing extremely large images (bsc#1259528).
* CVE-2026-42050: Stack buffer overflow in XTileImage (bsc#1265048).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2020=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2020=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2020=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2020=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2020=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2020=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2020=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2020=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2020=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2020=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-2020=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2020=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* ImageMagick-extra-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-extra-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* openSUSE Leap 15.4 (x86_64)
* libMagickWand-7_Q16HDRI10-32bit-7.1.0.9-150400.6.80.1
* ImageMagick-devel-32bit-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-32bit-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.80.1
* libMagick++-devel-32bit-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-32bit-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.0.9-150400.6.80.1
* openSUSE Leap 15.4 (noarch)
* ImageMagick-doc-7.1.0.9-150400.6.80.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-devel-64bit-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-64bit-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-64bit-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-64bit-7.1.0.9-150400.6.80.1
* libMagick++-devel-64bit-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libMagickCore-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-devel-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-SUSE-7.1.0.9-150400.6.80.1
* ImageMagick-devel-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1
* libMagickWand-7_Q16HDRI10-7.1.0.9-150400.6.80.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-7.1.0.9-150400.6.80.1
* perl-PerlMagick-debuginfo-7.1.0.9-150400.6.80.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.0.9-150400.6.80.1
* perl-PerlMagick-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* ImageMagick-debuginfo-7.1.0.9-150400.6.80.1
* ImageMagick-debugsource-7.1.0.9-150400.6.80.1
* ImageMagick-config-7-upstream-7.1.0.9-150400.6.80.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31853.html
* https://www.suse.com/security/cve/CVE-2026-42050.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259528
* https://bugzilla.suse.com/show_bug.cgi?id=1265048



SUSE-SU-2026:2022-1: important: Security update for ImageMagick


# Security update for ImageMagick

Announcement ID: SUSE-SU-2026:2022-1
Release Date: 2026-05-20T07:14:42Z
Rating: important
References:

* bsc#1259528
* bsc#1265048

Cross-References:

* CVE-2026-31853
* CVE-2026-42050

CVSS scores:

* CVE-2026-31853 ( SUSE ): 8.3
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31853 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-31853 ( NVD ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-31853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42050 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for ImageMagick fixes the following issues

* CVE-2026-31853: heap buffer overflow leads to crash in the SFW decoder of
32-bit systems when processing extremely large images (bsc#1259528).
* CVE-2026-42050: Stack buffer overflow in XTileImage (bsc#1265048).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2022=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2022=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2022=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.60.1
* perl-PerlMagick-debuginfo-7.1.1.21-150600.3.60.1
* perl-PerlMagick-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-extra-debuginfo-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-SUSE-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.60.1
* ImageMagick-devel-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.60.1
* ImageMagick-debugsource-7.1.1.21-150600.3.60.1
* ImageMagick-extra-7.1.1.21-150600.3.60.1
* libMagick++-devel-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.60.1
* ImageMagick-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.60.1
* openSUSE Leap 15.6 (x86_64)
* libMagick++-7_Q16HDRI5-32bit-debuginfo-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-32bit-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-32bit-debuginfo-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-32bit-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-32bit-7.1.1.21-150600.3.60.1
* ImageMagick-devel-32bit-7.1.1.21-150600.3.60.1
* libMagick++-devel-32bit-7.1.1.21-150600.3.60.1
* openSUSE Leap 15.6 (noarch)
* ImageMagick-doc-7.1.1.21-150600.3.60.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libMagickWand-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-64bit-debuginfo-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-64bit-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-64bit-debuginfo-7.1.1.21-150600.3.60.1
* libMagick++-devel-64bit-7.1.1.21-150600.3.60.1
* ImageMagick-devel-64bit-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-64bit-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-64bit-7.1.1.21-150600.3.60.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.60.1
* ImageMagick-debuginfo-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.60.1
* ImageMagick-devel-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.60.1
* perl-PerlMagick-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-debugsource-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-SUSE-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.60.1
* libMagick++-devel-7.1.1.21-150600.3.60.1
* perl-PerlMagick-7.1.1.21-150600.3.60.1
* ImageMagick-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.60.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* libMagickCore-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-open-7.1.1.21-150600.3.60.1
* ImageMagick-debuginfo-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-7.1.1.21-150600.3.60.1
* ImageMagick-devel-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-secure-7.1.1.21-150600.3.60.1
* libMagickWand-7_Q16HDRI10-debuginfo-7.1.1.21-150600.3.60.1
* perl-PerlMagick-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-debugsource-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-debuginfo-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-SUSE-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-limited-7.1.1.21-150600.3.60.1
* libMagick++-7_Q16HDRI5-7.1.1.21-150600.3.60.1
* ImageMagick-config-7-upstream-websafe-7.1.1.21-150600.3.60.1
* libMagick++-devel-7.1.1.21-150600.3.60.1
* perl-PerlMagick-7.1.1.21-150600.3.60.1
* ImageMagick-7.1.1.21-150600.3.60.1
* libMagickCore-7_Q16HDRI10-7.1.1.21-150600.3.60.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31853.html
* https://www.suse.com/security/cve/CVE-2026-42050.html
* https://bugzilla.suse.com/show_bug.cgi?id=1259528
* https://bugzilla.suse.com/show_bug.cgi?id=1265048



SUSE-SU-2026:2024-1: important: Security update for openssh


# Security update for openssh

Announcement ID: SUSE-SU-2026:2024-1
Release Date: 2026-05-20T07:23:49Z
Rating: important
References:

* bsc#1261427
* bsc#1261430

Cross-References:

* CVE-2026-35385
* CVE-2026-35414

CVSS scores:

* CVE-2026-35385 ( SUSE ): 7.5
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-35385 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-35385 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-35385 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-35414 ( SUSE ): 2.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-35414 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-35414 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-35414 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for openssh fixes the following issues

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-2024=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-2024=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-2024=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-2024=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-2024=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-2024=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2024=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2024=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2024=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2024=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2024=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2024=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2024=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2024=1

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* openssh-cavs-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-cavs-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* openssh-helpers-debuginfo-8.4p1-150300.3.60.1
* openssh-server-8.4p1-150300.3.60.1
* openssh-clients-8.4p1-150300.3.60.1
* openssh-8.4p1-150300.3.60.1
* openssh-debugsource-8.4p1-150300.3.60.1
* openssh-fips-8.4p1-150300.3.60.1
* openssh-common-8.4p1-150300.3.60.1
* openssh-common-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debugsource-8.4p1-150300.3.60.1
* openssh-debuginfo-8.4p1-150300.3.60.1
* openssh-server-debuginfo-8.4p1-150300.3.60.1
* openssh-askpass-gnome-debuginfo-8.4p1-150300.3.60.1
* openssh-clients-debuginfo-8.4p1-150300.3.60.1
* openssh-helpers-8.4p1-150300.3.60.1
* openssh-askpass-gnome-8.4p1-150300.3.60.1

## References:

* https://www.suse.com/security/cve/CVE-2026-35385.html
* https://www.suse.com/security/cve/CVE-2026-35414.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261427
* https://bugzilla.suse.com/show_bug.cgi?id=1261430



SUSE-SU-2026:2030-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2026:2030-1
Release Date: 2026-05-20T09:33:19Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP7
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for buildah rebuilds it against the current go security release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2030=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2030=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2030=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2030=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2030=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2030=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2030=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2030=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.5-150500.3.57.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.57.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* buildah-1.35.5-150500.3.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* buildah-1.35.5-150500.3.57.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.57.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* buildah-1.35.5-150500.3.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* buildah-1.35.5-150500.3.57.1



SUSE-SU-2026:2029-1: moderate: Security update for vim


# Security update for vim

Announcement ID: SUSE-SU-2026:2029-1
Release Date: 2026-05-20T09:18:19Z
Rating: moderate
References:

* bsc#1261833

Cross-References:

* CVE-2026-39881

CVSS scores:

* CVE-2026-39881 ( SUSE ): 5.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-39881 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
* CVE-2026-39881 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:H/A:N
* CVE-2026-39881 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP7
* Desktop Applications Module 15-SP7
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for vim fixes the following issue:

Security fixes:

* CVE-2026-39881: command injection in NetBeans interface can lead to
arbitrary file reads and writes (bsc#1261833).

Other fixes:

* Update to 9.2.0398.
* 9.2.0398: MS-Windows: missing strptime() support
* 9.2.0397: tabpanel: double-click opens a new tab
* 9.2.0396: tests: Test_error_callback_terminal is flaky on macOS
* 9.2.0395: tests: Test_backupskip() may read from $HOME
* 9.2.0394: xxd: offsets greater than LONG_MAX print as negative
* 9.2.0393: MS-Windows: link error with XPM support on UCRT64
* 9.2.0392: tests: Some tests are flaky
* 9.2.0391: tests: Comment in test_vim9_cmd breaks syntax highlighting
* 9.2.0390: filetype: some Beancount files are not recognized
* 9.2.0389: DECRQM still leaves stray "pp" on Apple Terminal.app
* 9.2.0388: strange indent in update_topline()
* 9.2.0387: DECRQM request may leave stray chars in terminal
* 9.2.0386: No scroll/scrollbar support in the tabpanel
* 9.2.0385: Integer overflow with "ze" and large 'sidescrolloff'
* 9.2.0384: stale Insstart after cursor move breaks undo
* 9.2.0383: [security]: runtime(netrw): shell-injection via sftp: and file:
URLs
* 9.2.0382: Wayland: focus-stealing is non-working
* 9.2.0381: Vim9: Missing check_secure() in exec_instructions()
* 9.2.0380: completion: a few issues in completion code
* 9.2.0379: gui.color_approx is never used
* 9.2.0378: Using int as bool type in win_T struct
* 9.2.0377: Using int as bool type in gui_T struct
* 9.2.0376: Vim9: elseif condition compiled in dead branch
* 9.2.0375: prop_find() does not find a virt text in starting line
* 9.2.0374: c_CTRL-{G,T} does not handle offset
* 9.2.0373: Ctrl-R mapping not triggered during completion
* 9.2.0372: pum: rendering issues with multibyte text and opacity
* 9.2.0371: filetype: ghostty config files are not recognized
* 9.2.0370: duplicate code with literal string_T assignment
* 9.2.0369: multiple definitions of STRING_INIT macro
* 9.2.0368: too many strlen() calls when adding strings to dicts
* 9.2.0367: runtime(netrw): ~ note expanded on MS Windows
* 9.2.0366: pum: flicker when updating pum in place
* 9.2.0365: using int as bool
* 9.2.0364: tests: test_smoothscroll_textoff_showbreak() fails
* 9.2.0363: Vim9: variable shadowed by script-local function
* 9.2.0362: division by zero with smoothscroll and small windows
* 9.2.0361: tests: no tests for ch_listen() with IPs
* 9.2.0360: Cannot handle mouse-clicks in the tabpanel
* 9.2.0359: wrong VertSplitNC highlighting on winbar
* 9.2.0358: runtime(vimball): still path traversal attacks possible
* 9.2.0357: [security]: command injection via backticks in tag files
* 9.2.0356: Cannot apply 'scrolloff' context lines at end of file
* 9.2.0355: runtime(tar): missing path traversal checks in tar#Extract()
* 9.2.0354: filetype: not all Bitbake include files are recognized
* 9.2.0353: Missing out-of-memory check in register.c
* 9.2.0352: 'winhighlight' of left window blends into right window
* 9.2.0351: repeat_string() can be improved
* 9.2.0350: Enabling modelines poses a risk
* 9.2.0349: cannot style non-current window separator
* 9.2.0348: potential buffer underrun when setting statusline like option
* 9.2.0347: Vim9: script-local variable not found
* 9.2.0346: Wrong cursor position when entering command line window
* 9.2.0345: Wrong autoformatting with 'autocomplete'
* 9.2.0344: channel: ch_listen() can bind to network interface
* 9.2.0343: tests: test_clientserver may fail on slower systems
* 9.2.0342: tests: test_excmd.vim leaves swapfiles behind
* 9.2.0341: some functions can be run from the sandbox
* 9.2.0340: pum_redraw() may cause flicker
* 9.2.0339: regexp: nfa_regmatch() allocates and frees too often
* 9.2.0338: Cannot handle mouseclicks in the tabline
* 9.2.0337: list indexing broken on big-endian 32-bit platforms
* 9.2.0336: libvterm: no terminal reflow support
* 9.2.0335: json_encode() uses recursive algorithm
* 9.2.0334: GTK: window geometry shrinks with with client-side decorations
* 9.2.0333: filetype: PklProject files are not recognized
* 9.2.0332: popup: still opacity rendering issues
* 9.2.0331: spellfile: stack buffer overflows in spell file generation
* 9.2.0330: tests: some patterns in tar and zip plugin tests not strict enough
* 9.2.0329: tests: test_indent.vim leaves swapfiles behind
* 9.2.0328: Cannot handle mouseclicks in the statusline
* 9.2.0327: filetype: uv scripts are not detected
* 9.2.0326: runtime(tar): but with dotted path
* 9.2.0325: runtime(tar): bug in zstd handling
* 9.2.0324: 0x9b byte not unescaped in mapping
* 9.2.0323: filetype: buf.lock files are not recognized
* 9.2.0322: tests: test_popupwin fails
* 9.2.0321: MS-Windows: No OpenType font support
* 9.2.0320: several bugs with text properties
* 9.2.0319: popup: rendering issues with partially transparent popups
* 9.2.0318: cannot configure opacity for popup menu
* 9.2.0317: listener functions do not check secure flag
* 9.2.0316: [security]: command injection in netbeans interface via
defineAnnoType
* 9.2.0315: missing bound-checks
* 9.2.0314: channel: can bind to all network interfaces
* 9.2.0313: Callback channel not registered in GUI
* 9.2.0312: C-type names are marked as translatable
* 9.2.0311: redrawing logic with text properties can be improved
* 9.2.0310: unnecessary work in vim_strchr() and find_term_bykeys()
* 9.2.0309: Missing out-of-memory check to may_get_cmd_block()
* 9.2.0308: Error message E1547 is wrong
* 9.2.0307: more mismatches between return types and documentation
* 9.2.0306: runtime(tar): some issues with lz4 support
* 9.2.0305: mismatch between return types and documentation
* 9.2.0304: tests: test for 9.2.0285 doesn't always fail without the fix
* 9.2.0303: tests: zip plugin tests don't check for warning message properly
* 9.2.0302: runtime(netrw): RFC2396 decoding double escaping spaces
* 9.2.0301: Vim9: void function return value inconsistent
* 9.2.0300: The vimball plugin needs some love
* 9.2.0299: runtime(zip): may write using absolute paths
* 9.2.0298: Some internal variables are not modified
* 9.2.0297: libvterm: can improve CSI overflow code
* 9.2.0296: Redundant and incorrect integer pointer casts in drawline.c
* 9.2.0295: 'showcmd' shows wrong Visual block size with 'linebreak'
* 9.2.0294: if_lua: lua interface does not work with lua 5.5
* 9.2.0293: :packadd may lead to heap-buffer-overflow
* 9.2.0292: E340 internal error when using method call on void value
* 9.2.0291: too many strlen() calls
* 9.2.0290: Amiga: no support for AmigaOS 3.x
* 9.2.0289: 'linebreak' may lead to wrong Visual block highlighting
* 9.2.0288: libvterm: signed integer overflow parsing long CSI args
* 9.2.0287: filetype: not all ObjectScript routines are recognized
* 9.2.0286: still some unnecessary (int) casts in alloc()
* 9.2.0285: :syn sync grouphere may go beyond end of line
* 9.2.0284: tabpanel: crash when tabpanel expression returns variable line
count
* 9.2.0283: unnecessary (int) casts before alloc() calls
* 9.2.0282: tests: Test_viminfo_len_overflow() fails
* 9.2.0281: tests: Test_netrw_FileUrlEdit.. fails on Windows

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-2029=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2029=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2029=1

* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-2029=1

## Package List:

* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* vim-small-9.2.0398-150500.20.49.1
* vim-small-debuginfo-9.2.0398-150500.20.49.1
* vim-debugsource-9.2.0398-150500.20.49.1
* vim-debuginfo-9.2.0398-150500.20.49.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* vim-data-common-9.2.0398-150500.20.49.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* gvim-9.2.0398-150500.20.49.1
* gvim-debuginfo-9.2.0398-150500.20.49.1
* vim-debuginfo-9.2.0398-150500.20.49.1
* vim-small-debuginfo-9.2.0398-150500.20.49.1
* vim-small-9.2.0398-150500.20.49.1
* vim-debugsource-9.2.0398-150500.20.49.1
* vim-9.2.0398-150500.20.49.1
* openSUSE Leap 15.5 (noarch)
* vim-data-common-9.2.0398-150500.20.49.1
* vim-data-9.2.0398-150500.20.49.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* vim-debuginfo-9.2.0398-150500.20.49.1
* vim-small-9.2.0398-150500.20.49.1
* vim-9.2.0398-150500.20.49.1
* vim-debugsource-9.2.0398-150500.20.49.1
* vim-small-debuginfo-9.2.0398-150500.20.49.1
* Basesystem Module 15-SP7 (noarch)
* vim-data-common-9.2.0398-150500.20.49.1
* vim-data-9.2.0398-150500.20.49.1
* Desktop Applications Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.2.0398-150500.20.49.1
* gvim-9.2.0398-150500.20.49.1
* gvim-debuginfo-9.2.0398-150500.20.49.1
* vim-debuginfo-9.2.0398-150500.20.49.1

## References:

* https://www.suse.com/security/cve/CVE-2026-39881.html
* https://bugzilla.suse.com/show_bug.cgi?id=1261833



SUSE-SU-2026:2032-1: important: Security update for distribution


# Security update for distribution

Announcement ID: SUSE-SU-2026:2032-1
Release Date: 2026-05-20T09:36:11Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for distribution rebuilds it against the current go security
release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2032=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2032=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2032=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2032=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2032=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2032=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2032=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2032=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2032=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2032=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2032=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2032=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* distribution-registry-2.8.3-150400.9.32.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* distribution-registry-2.8.3-150400.9.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* distribution-registry-2.8.3-150400.9.32.1



SUSE-SU-2026:2028-1: important: Security update for postgresql-jdbc


# Security update for postgresql-jdbc

Announcement ID: SUSE-SU-2026:2028-1
Release Date: 2026-05-20T09:08:29Z
Rating: important
References:

* bsc#1264174

Cross-References:

* CVE-2026-42198

CVSS scores:

* CVE-2026-42198 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42198 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* Server Applications Module 15-SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for postgresql-jdbc fixes the following issue

* CVE-2026-42198: client-side denial of service via malicious SCRAM-SHA-256
authentication (bsc#1264174).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2028=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2028=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2028=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2028=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2028=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2028=1

* Server Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP7-2026-2028=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2028=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2028=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2028=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2028=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2028=1

## Package List:

* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* openSUSE Leap 15.4 (noarch)
* postgresql-jdbc-javadoc-42.2.25-150400.3.15.1
* postgresql-jdbc-42.2.25-150400.3.15.1
* Server Applications Module 15-SP7 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* postgresql-jdbc-42.2.25-150400.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42198.html
* https://bugzilla.suse.com/show_bug.cgi?id=1264174



SUSE-SU-2026:2034-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2026:2034-1
Release Date: 2026-05-20T09:38:26Z
Rating: important
References:

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that can now be installed.

## Description:

This update for buildah rebuilds it against the current go security release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2034=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2034=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2034=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2034=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2034=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.5-150400.3.63.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* buildah-1.35.5-150400.3.63.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* buildah-1.35.5-150400.3.63.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150400.3.63.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* buildah-1.35.5-150400.3.63.1



openSUSE-SU-2026:10812-1: moderate: distribution-registry-3.1.1-1.1 on GA media


# distribution-registry-3.1.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10812-1
Rating: moderate

Cross-References:

* CVE-2026-41888

CVSS scores:

* CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the distribution-registry-3.1.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* distribution-registry 3.1.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41888.html



openSUSE-SU-2026:10816-1: moderate: libpainter0-0.9.27-2.1 on GA media


# libpainter0-0.9.27-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10816-1
Rating: moderate

Cross-References:

* CVE-2024-39917
* CVE-2026-32105
* CVE-2026-32107
* CVE-2026-32623
* CVE-2026-32624
* CVE-2026-33145
* CVE-2026-33689
* CVE-2026-35512

CVSS scores:

* CVE-2024-39917 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-32105 ( SUSE ): 8.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
* CVE-2026-32105 ( SUSE ): 9 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:N
* CVE-2026-32107 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-32107 ( SUSE ): 7.2 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H
* CVE-2026-32623 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-32623 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-32624 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-32624 ( SUSE ): 6 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-33145 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-33145 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-33689 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2026-33689 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-35512 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-35512 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 8 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the libpainter0-0.9.27-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libpainter0 0.9.27-2.1
* librfxencode0 0.9.27-2.1
* xrdp 0.9.27-2.1
* xrdp-devel 0.9.27-2.1

## References:

* https://www.suse.com/security/cve/CVE-2024-39917.html
* https://www.suse.com/security/cve/CVE-2026-32105.html
* https://www.suse.com/security/cve/CVE-2026-32107.html
* https://www.suse.com/security/cve/CVE-2026-32623.html
* https://www.suse.com/security/cve/CVE-2026-32624.html
* https://www.suse.com/security/cve/CVE-2026-33145.html
* https://www.suse.com/security/cve/CVE-2026-33689.html
* https://www.suse.com/security/cve/CVE-2026-35512.html



openSUSE-SU-2026:10815-1: moderate: libsdb2_4_2-6.1.4-2.1 on GA media


# libsdb2_4_2-6.1.4-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10815-1
Rating: moderate

Cross-References:

* CVE-2026-8695

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the libsdb2_4_2-6.1.4-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* libsdb2_4_2 6.1.4-2.1
* radare2 6.1.4-2.1
* radare2-devel 6.1.4-2.1
* radare2-zsh-completion 6.1.4-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-8695.html



openSUSE-SU-2026:10814-1: moderate: helm-4.2.0-1.1 on GA media


# helm-4.2.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10814-1
Rating: moderate

Cross-References:

* CVE-2026-41888

CVSS scores:

* CVE-2026-41888 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2026-41888 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the helm-4.2.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* helm 4.2.0-1.1
* helm-bash-completion 4.2.0-1.1
* helm-fish-completion 4.2.0-1.1
* helm-zsh-completion 4.2.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41888.html



openSUSE-SU-2026:10813-1: moderate: firefox-esr-140.11.0-1.1 on GA media


# firefox-esr-140.11.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10813-1
Rating: moderate

Cross-References:

* CVE-2026-8388
* CVE-2026-8391
* CVE-2026-8401
* CVE-2026-8946
* CVE-2026-8947
* CVE-2026-8949
* CVE-2026-8950
* CVE-2026-8953
* CVE-2026-8954
* CVE-2026-8955
* CVE-2026-8956
* CVE-2026-8957
* CVE-2026-8958
* CVE-2026-8959
* CVE-2026-8961
* CVE-2026-8962
* CVE-2026-8968
* CVE-2026-8970
* CVE-2026-8974
* CVE-2026-8975

CVSS scores:

* CVE-2026-8401 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
* CVE-2026-8946 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-8947 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-8949 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8950 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-8953 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
* CVE-2026-8954 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
* CVE-2026-8955 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8956 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8957 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8958 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
* CVE-2026-8959 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
* CVE-2026-8961 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
* CVE-2026-8962 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2026-8968 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2026-8970 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
* CVE-2026-8974 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-8975 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 20 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the firefox-esr-140.11.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* firefox-esr 140.11.0-1.1
* firefox-esr-branding-upstream 140.11.0-1.1
* firefox-esr-translations-common 140.11.0-1.1
* firefox-esr-translations-other 140.11.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-8388.html
* https://www.suse.com/security/cve/CVE-2026-8391.html
* https://www.suse.com/security/cve/CVE-2026-8401.html
* https://www.suse.com/security/cve/CVE-2026-8946.html
* https://www.suse.com/security/cve/CVE-2026-8947.html
* https://www.suse.com/security/cve/CVE-2026-8949.html
* https://www.suse.com/security/cve/CVE-2026-8950.html
* https://www.suse.com/security/cve/CVE-2026-8953.html
* https://www.suse.com/security/cve/CVE-2026-8954.html
* https://www.suse.com/security/cve/CVE-2026-8955.html
* https://www.suse.com/security/cve/CVE-2026-8956.html
* https://www.suse.com/security/cve/CVE-2026-8957.html
* https://www.suse.com/security/cve/CVE-2026-8958.html
* https://www.suse.com/security/cve/CVE-2026-8959.html
* https://www.suse.com/security/cve/CVE-2026-8961.html
* https://www.suse.com/security/cve/CVE-2026-8962.html
* https://www.suse.com/security/cve/CVE-2026-8968.html
* https://www.suse.com/security/cve/CVE-2026-8970.html
* https://www.suse.com/security/cve/CVE-2026-8974.html
* https://www.suse.com/security/cve/CVE-2026-8975.html


Thunderbird, Firefox, Haveged updates for Slackware

GStreamer, Unbound, GnuTLS, OpenVPN, Rsync, Kernel updates for Ubuntu

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...