Kernel, FFmpeg, Dovecot24, and more updates for SUSE

SUSE 5647 Published 2026-05-15 06:45 by Philipp Esselbach

News

SUSE has released a series of security patches addressing multiple vulnerabilities across its Linux distributions and openSUSE Tumbleweed systems. The most critical update fixes kernel issue CVE-2026-43284, which impacts numerous SLE variants and requires administrators to reboot affected machines after installation. Additional moderate severity updates target common software tools like ffmpeg, GitPython, Dovecot, and various Python packages by replacing outdated versions with patched releases on the general availability media.

SUSE-SU-2026:1857-1: important: Security update for the Linux Kernel
openSUSE-SU-2026:10759-1: moderate: python-Twisted-doc-26.4.0-1.1 on GA media
openSUSE-SU-2026:10767-1: moderate: ffmpeg-4-4.4.6-12.1 on GA media
openSUSE-SU-2026:10765-1: moderate: amazon-ssm-agent-3.3.4268.0-2.1 on GA media
openSUSE-SU-2026:10760-1: moderate: python311-click-8.3.3-2.1 on GA media
openSUSE-SU-2026:10766-1: moderate: dovecot24-2.4.4-1.1 on GA media
openSUSE-SU-2026:10762-1: moderate: rclone-1.74.1-1.1 on GA media
openSUSE-SU-2026:10758-1: moderate: python311-GitPython-3.1.49-1.1 on GA media
openSUSE-SU-2026:10764-1: moderate: syncthing-2.1.0-1.1 on GA media
openSUSE-SU-2026:10763-1: moderate: regclient-0.11.4-1.1 on GA media

SUSE-SU-2026:1857-1: important: Security update for the Linux Kernel

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:1857-1
Release Date: 2026-05-14T14:41:38Z
Rating: important
References:

* bsc#1264449

Cross-References:

* CVE-2026-43284

CVSS scores:

* CVE-2026-43284 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-43284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
* CVE-2026-43284 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Live Patching 15-SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix one issue

* CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags
(bsc#1264449).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-1857=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1857=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2026-1857=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-1857=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1857=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2026-1857=1

* SUSE Linux Enterprise High Availability Extension 15 SP4
zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2026-1857=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-1857=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-1857=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-1857=1

* SUSE Linux Enterprise Live Patching 15-SP4
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2026-1857=1

## Package List:

* openSUSE Leap 15.4 (aarch64)
* dtb-apm-5.14.21-150400.24.209.1
* dtb-nvidia-5.14.21-150400.24.209.1
* kernel-64kb-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-debugsource-5.14.21-150400.24.209.1
* dtb-allwinner-5.14.21-150400.24.209.1
* dlm-kmp-64kb-5.14.21-150400.24.209.1
* dlm-kmp-64kb-debuginfo-5.14.21-150400.24.209.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.209.1
* dtb-freescale-5.14.21-150400.24.209.1
* dtb-altera-5.14.21-150400.24.209.1
* cluster-md-kmp-64kb-5.14.21-150400.24.209.1
* dtb-socionext-5.14.21-150400.24.209.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-optional-debuginfo-5.14.21-150400.24.209.1
* dtb-mediatek-5.14.21-150400.24.209.1
* dtb-exynos-5.14.21-150400.24.209.1
* dtb-broadcom-5.14.21-150400.24.209.1
* dtb-amlogic-5.14.21-150400.24.209.1
* dtb-lg-5.14.21-150400.24.209.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.209.1
* dtb-rockchip-5.14.21-150400.24.209.1
* kernel-64kb-extra-debuginfo-5.14.21-150400.24.209.1
* dtb-sprd-5.14.21-150400.24.209.1
* kernel-64kb-devel-5.14.21-150400.24.209.1
* kernel-64kb-optional-5.14.21-150400.24.209.1
* kernel-64kb-extra-5.14.21-150400.24.209.1
* dtb-qcom-5.14.21-150400.24.209.1
* dtb-renesas-5.14.21-150400.24.209.1
* kselftests-kmp-64kb-5.14.21-150400.24.209.1
* dtb-apple-5.14.21-150400.24.209.1
* dtb-xilinx-5.14.21-150400.24.209.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.209.1
* ocfs2-kmp-64kb-5.14.21-150400.24.209.1
* dtb-amazon-5.14.21-150400.24.209.1
* dtb-marvell-5.14.21-150400.24.209.1
* reiserfs-kmp-64kb-5.14.21-150400.24.209.1
* dtb-amd-5.14.21-150400.24.209.1
* dtb-arm-5.14.21-150400.24.209.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.209.1
* gfs2-kmp-64kb-5.14.21-150400.24.209.1
* dtb-cavium-5.14.21-150400.24.209.1
* dtb-hisilicon-5.14.21-150400.24.209.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-devel-5.14.21-150400.24.209.1
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-kvmsmall-debuginfo-5.14.21-150400.24.209.1
* kernel-kvmsmall-debugsource-5.14.21-150400.24.209.1
* kernel-default-base-rebuild-5.14.21-150400.24.209.1.150400.24.106.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64)
* kernel-default-devel-5.14.21-150400.24.209.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.209.1
* gfs2-kmp-default-5.14.21-150400.24.209.1
* kernel-default-optional-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* reiserfs-kmp-default-5.14.21-150400.24.209.1
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-livepatch-5.14.21-150400.24.209.1
* kernel-default-extra-5.14.21-150400.24.209.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.209.1
* ocfs2-kmp-default-5.14.21-150400.24.209.1
* kernel-obs-build-debugsource-5.14.21-150400.24.209.1
* kselftests-kmp-default-debuginfo-5.14.21-150400.24.209.1
* cluster-md-kmp-default-5.14.21-150400.24.209.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-syms-5.14.21-150400.24.209.1
* dlm-kmp-default-5.14.21-150400.24.209.1
* kernel-default-optional-debuginfo-5.14.21-150400.24.209.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-extra-debuginfo-5.14.21-150400.24.209.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.209.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-obs-qa-5.14.21-150400.24.209.1
* kselftests-kmp-default-5.14.21-150400.24.209.1
* kernel-obs-build-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150400_24_209-default-debuginfo-1-150400.9.3.1
* kernel-livepatch-SLE15-SP4_Update_52-debugsource-1-150400.9.3.1
* kernel-livepatch-5_14_21-150400_24_209-default-1-150400.9.3.1
* kernel-default-livepatch-devel-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (noarch)
* kernel-devel-5.14.21-150400.24.209.1
* kernel-source-5.14.21-150400.24.209.1
* kernel-docs-html-5.14.21-150400.24.209.1
* kernel-source-vanilla-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.209.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.209.1
* openSUSE Leap 15.4 (nosrc)
* dtb-aarch64-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* kernel-devel-5.14.21-150400.24.209.1
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* kernel-syms-5.14.21-150400.24.209.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-devel-5.14.21-150400.24.209.1
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* kernel-obs-build-debugsource-5.14.21-150400.24.209.1
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-obs-build-5.14.21-150400.24.209.1
* reiserfs-kmp-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
nosrc)
* kernel-64kb-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64)
* kernel-64kb-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-debugsource-5.14.21-150400.24.209.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-devel-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le
s390x x86_64)
* dlm-kmp-default-5.14.21-150400.24.209.1
* cluster-md-kmp-default-debuginfo-5.14.21-150400.24.209.1
* dlm-kmp-default-debuginfo-5.14.21-150400.24.209.1
* ocfs2-kmp-default-debuginfo-5.14.21-150400.24.209.1
* gfs2-kmp-default-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* gfs2-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* ocfs2-kmp-default-5.14.21-150400.24.209.1
* cluster-md-kmp-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64)
* kernel-64kb-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-debugsource-5.14.21-150400.24.209.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-devel-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* kernel-syms-5.14.21-150400.24.209.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-devel-5.14.21-150400.24.209.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-obs-build-debugsource-5.14.21-150400.24.209.1
* kernel-obs-build-5.14.21-150400.24.209.1
* reiserfs-kmp-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* kernel-devel-5.14.21-150400.24.209.1
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc)
* kernel-64kb-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64
nosrc)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* kernel-syms-5.14.21-150400.24.209.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-devel-5.14.21-150400.24.209.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-obs-build-debugsource-5.14.21-150400.24.209.1
* kernel-obs-build-5.14.21-150400.24.209.1
* reiserfs-kmp-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* kernel-devel-5.14.21-150400.24.209.1
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc)
* kernel-docs-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64)
* kernel-64kb-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-debugsource-5.14.21-150400.24.209.1
* kernel-64kb-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-64kb-devel-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x)
* kernel-zfcpdump-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150400.24.209.1
* kernel-zfcpdump-debuginfo-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le
x86_64)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* kernel-syms-5.14.21-150400.24.209.1
* reiserfs-kmp-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-devel-5.14.21-150400.24.209.1
* kernel-default-devel-debuginfo-5.14.21-150400.24.209.1
* kernel-default-base-5.14.21-150400.24.209.1.150400.24.106.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-obs-build-debugsource-5.14.21-150400.24.209.1
* kernel-obs-build-5.14.21-150400.24.209.1
* reiserfs-kmp-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* kernel-devel-5.14.21-150400.24.209.1
* kernel-source-5.14.21-150400.24.209.1
* kernel-macros-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc)
* kernel-docs-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Live Patching 15-SP4 (nosrc)
* kernel-default-5.14.21-150400.24.209.1
* SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP4_Update_52-debugsource-1-150400.9.3.1
* kernel-default-livepatch-devel-5.14.21-150400.24.209.1
* kernel-livepatch-5_14_21-150400_24_209-default-debuginfo-1-150400.9.3.1
* kernel-default-debugsource-5.14.21-150400.24.209.1
* kernel-default-debuginfo-5.14.21-150400.24.209.1
* kernel-default-livepatch-5.14.21-150400.24.209.1
* kernel-livepatch-5_14_21-150400_24_209-default-1-150400.9.3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-43284.html
* https://bugzilla.suse.com/show_bug.cgi?id=1264449

openSUSE-SU-2026:10759-1: moderate: python-Twisted-doc-26.4.0-1.1 on GA media

# python-Twisted-doc-26.4.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10759-1
Rating: moderate

Cross-References:

* CVE-2026-42304

CVSS scores:

* CVE-2026-42304 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python-Twisted-doc-26.4.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python-Twisted-doc 26.4.0-1.1
* python311-Twisted 26.4.0-1.1
* python311-Twisted-all_non_platform 26.4.0-1.1
* python311-Twisted-conch 26.4.0-1.1
* python311-Twisted-conch_nacl 26.4.0-1.1
* python311-Twisted-contextvars 26.4.0-1.1
* python311-Twisted-http2 26.4.0-1.1
* python311-Twisted-serial 26.4.0-1.1
* python311-Twisted-tls 26.4.0-1.1
* python313-Twisted 26.4.0-1.1
* python313-Twisted-all_non_platform 26.4.0-1.1
* python313-Twisted-conch 26.4.0-1.1
* python313-Twisted-conch_nacl 26.4.0-1.1
* python313-Twisted-contextvars 26.4.0-1.1
* python313-Twisted-http2 26.4.0-1.1
* python313-Twisted-serial 26.4.0-1.1
* python313-Twisted-tls 26.4.0-1.1
* python314-Twisted 26.4.0-1.1
* python314-Twisted-all_non_platform 26.4.0-1.1
* python314-Twisted-conch 26.4.0-1.1
* python314-Twisted-conch_nacl 26.4.0-1.1
* python314-Twisted-contextvars 26.4.0-1.1
* python314-Twisted-http2 26.4.0-1.1
* python314-Twisted-serial 26.4.0-1.1
* python314-Twisted-tls 26.4.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42304.html

openSUSE-SU-2026:10767-1: moderate: ffmpeg-4-4.4.6-12.1 on GA media

# ffmpeg-4-4.4.6-12.1 on GA media

Announcement ID: openSUSE-SU-2026:10767-1
Rating: moderate

Cross-References:

* CVE-2026-40962

CVSS scores:

* CVE-2026-40962 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2026-40962 ( SUSE ): 2.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the ffmpeg-4-4.4.6-12.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* ffmpeg-4 4.4.6-12.1
* ffmpeg-4-libavcodec-devel 4.4.6-12.1
* ffmpeg-4-libavdevice-devel 4.4.6-12.1
* ffmpeg-4-libavfilter-devel 4.4.6-12.1
* ffmpeg-4-libavformat-devel 4.4.6-12.1
* ffmpeg-4-libavresample-devel 4.4.6-12.1
* ffmpeg-4-libavutil-devel 4.4.6-12.1
* ffmpeg-4-libpostproc-devel 4.4.6-12.1
* ffmpeg-4-libswresample-devel 4.4.6-12.1
* ffmpeg-4-libswscale-devel 4.4.6-12.1
* ffmpeg-4-private-devel 4.4.6-12.1
* libavcodec58_134 4.4.6-12.1
* libavdevice58_13 4.4.6-12.1
* libavfilter7_110 4.4.6-12.1
* libavformat58_76 4.4.6-12.1
* libavresample4_0 4.4.6-12.1
* libavutil56_70 4.4.6-12.1
* libpostproc55_9 4.4.6-12.1
* libswresample3_9 4.4.6-12.1
* libswscale5_9 4.4.6-12.1

## References:

* https://www.suse.com/security/cve/CVE-2026-40962.html

openSUSE-SU-2026:10765-1: moderate: amazon-ssm-agent-3.3.4268.0-2.1 on GA media

# amazon-ssm-agent-3.3.4268.0-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10765-1
Rating: moderate

Cross-References:

* CVE-2026-41506

CVSS scores:

* CVE-2026-41506 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2026-41506 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the amazon-ssm-agent-3.3.4268.0-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* amazon-ssm-agent 3.3.4268.0-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-41506.html

openSUSE-SU-2026:10760-1: moderate: python311-click-8.3.3-2.1 on GA media

# python311-click-8.3.3-2.1 on GA media

Announcement ID: openSUSE-SU-2026:10760-1
Rating: moderate

Cross-References:

* CVE-2026-7246

CVSS scores:

* CVE-2026-7246 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-7246 ( SUSE ): 5.4 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-click-8.3.3-2.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-click 8.3.3-2.1
* python312-click 8.3.3-2.1
* python313-click 8.3.3-2.1
* python314-click 8.3.3-2.1

## References:

* https://www.suse.com/security/cve/CVE-2026-7246.html

openSUSE-SU-2026:10766-1: moderate: dovecot24-2.4.4-1.1 on GA media

# dovecot24-2.4.4-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10766-1
Rating: moderate

Cross-References:

* CVE-2026-27851
* CVE-2026-33603
* CVE-2026-40016
* CVE-2026-40020
* CVE-2026-42006

CVSS scores:

* CVE-2026-27851 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-27851 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-33603 ( SUSE ): 6.8 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2026-33603 ( SUSE ): 7.6 CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2026-40016 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-40016 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-40020 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-40020 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-42006 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42006 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 5 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the dovecot24-2.4.4-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* dovecot24 2.4.4-1.1
* dovecot24-backend-mysql 2.4.4-1.1
* dovecot24-backend-pgsql 2.4.4-1.1
* dovecot24-backend-sqlite 2.4.4-1.1
* dovecot24-devel 2.4.4-1.1
* dovecot24-fts 2.4.4-1.1
* dovecot24-fts-flatcurve 2.4.4-1.1
* dovecot24-fts-solr 2.4.4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-27851.html
* https://www.suse.com/security/cve/CVE-2026-33603.html
* https://www.suse.com/security/cve/CVE-2026-40016.html
* https://www.suse.com/security/cve/CVE-2026-40020.html
* https://www.suse.com/security/cve/CVE-2026-42006.html

openSUSE-SU-2026:10762-1: moderate: rclone-1.74.1-1.1 on GA media

# rclone-1.74.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10762-1
Rating: moderate

Cross-References:

* CVE-2026-33814

CVSS scores:

* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the rclone-1.74.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rclone 1.74.1-1.1
* rclone-bash-completion 1.74.1-1.1
* rclone-zsh-completion 1.74.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33814.html

openSUSE-SU-2026:10758-1: moderate: python311-GitPython-3.1.49-1.1 on GA media

# python311-GitPython-3.1.49-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10758-1
Rating: moderate

Cross-References:

* CVE-2026-42215
* CVE-2026-44243
* CVE-2026-44244

CVSS scores:

* CVE-2026-42215 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-44243 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H
* CVE-2026-44243 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-44244 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the python311-GitPython-3.1.49-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-GitPython 3.1.49-1.1
* python313-GitPython 3.1.49-1.1
* python314-GitPython 3.1.49-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42215.html
* https://www.suse.com/security/cve/CVE-2026-44243.html
* https://www.suse.com/security/cve/CVE-2026-44244.html

openSUSE-SU-2026:10764-1: moderate: syncthing-2.1.0-1.1 on GA media

# syncthing-2.1.0-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10764-1
Rating: moderate

Cross-References:

* CVE-2020-11022

CVSS scores:

* CVE-2020-11022 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the syncthing-2.1.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* syncthing 2.1.0-1.1
* syncthing-relaysrv 2.1.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2020-11022.html

openSUSE-SU-2026:10763-1: moderate: regclient-0.11.4-1.1 on GA media

# regclient-0.11.4-1.1 on GA media

Announcement ID: openSUSE-SU-2026:10763-1
Rating: moderate

Cross-References:

* CVE-2026-33814

CVSS scores:

* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the regclient-0.11.4-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* regclient 0.11.4-1.1
* regclient-bash-completion 0.11.4-1.1
* regclient-fish-completion 0.11.4-1.1
* regclient-zsh-completion 0.11.4-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33814.html

Jq, Kernel, GIMP, and more updates for Rocky Linux

Nginx and Avahi updates for Ubuntu

Kernel, FFmpeg, Dovecot24, and more updates for SUSE

SUSE-SU-2026:1857-1: important: Security update for the Linux Kernel

openSUSE-SU-2026:10759-1: moderate: python-Twisted-doc-26.4.0-1.1 on GA media

openSUSE-SU-2026:10767-1: moderate: ffmpeg-4-4.4.6-12.1 on GA media

openSUSE-SU-2026:10765-1: moderate: amazon-ssm-agent-3.3.4268.0-2.1 on GA media

openSUSE-SU-2026:10760-1: moderate: python311-click-8.3.3-2.1 on GA media

openSUSE-SU-2026:10766-1: moderate: dovecot24-2.4.4-1.1 on GA media

openSUSE-SU-2026:10762-1: moderate: rclone-1.74.1-1.1 on GA media

openSUSE-SU-2026:10758-1: moderate: python311-GitPython-3.1.49-1.1 on GA media

openSUSE-SU-2026:10764-1: moderate: syncthing-2.1.0-1.1 on GA media

openSUSE-SU-2026:10763-1: moderate: regclient-0.11.4-1.1 on GA media

Windows

Linux

macOS

Community