OpenSSL, Linux Kernel, Directory Server, and Container Tools updates for SUSE

SUSE 5680 Published by

SUSE released a major batch of security advisories that address numerous critical and important vulnerabilities across its enterprise Linux distributions. The updates primarily target the OpenSSL libraries and livepatch modules, resolving dangerous heap buffer overflows, out-of-bounds reads, and denial of service flaws that could allow remote attackers to compromise system stability. Additional patches cover essential components like the Linux kernel, 389 Directory Server, buildah container tools, and various Python and Perl packages used in openSUSE Tumbleweed environments. Administrators should apply these fixes immediately using zypper or YaST to protect their infrastructure from exploitation before the vulnerabilities are weaponized by threat actors.

SUSE-SU-2026:2404-1: important: Security update for openssl-1_1
SUSE-SU-2026:2409-1: important: Security update for openssl-1_1-livepatches
SUSE-SU-2026:2410-1: important: Security update for openssl-1_1-livepatches
SUSE-SU-2026:2405-1: important: Security update for openssl-1_1
SUSE-SU-2026:2411-1: critical: Security update for openssl-3-livepatches
openSUSE-SU-2026:11036-1: moderate: python311-zeroconf-0.149.16-1.1 on GA media
openSUSE-SU-2026:11034-1: moderate: perl-Crypt-PBKDF2-0.261630-1.1 on GA media
openSUSE-SU-2026:11035-1: moderate: python311-aiosmtplib-5.1.1-1.1 on GA media
openSUSE-SU-2026:11032-1: moderate: google-osconfig-agent-20260611.00-1.1 on GA media
SUSE-SU-2026:2413-1: important: Security update for distribution
SUSE-SU-2026:2415-1: important: Security update for buildah
SUSE-SU-2026:2416-1: important: Security update for buildah
SUSE-SU-2026:2421-1: important: Security update for the Linux Kernel
SUSE-SU-2026:2417-1: important: Security update for 389-ds
SUSE-SU-2026:2418-1: important: Security update for 389-ds
SUSE-SU-2026:2423-1: important: Security update for libcaca




SUSE-SU-2026:2404-1: important: Security update for openssl-1_1


# Security update for openssl-1_1

Announcement ID: SUSE-SU-2026:2404-1
Release Date: 2026-06-16T06:53:51Z
Rating: important
References:

* bsc#1266340
* bsc#1266341
* bsc#1266342
* bsc#1266349
* bsc#1266357

Cross-References:

* CVE-2026-34180
* CVE-2026-42766
* CVE-2026-45447
* CVE-2026-7383
* CVE-2026-9076

CVSS scores:

* CVE-2026-34180 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-34180 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-34180 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42766 ( SUSE ): 6.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42766 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42766 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45447 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45447 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45447 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-7383 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-7383 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-7383 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-9076 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-9076 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-9076 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves five vulnerabilities can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

* CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
* CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption
(bsc#1266349).
* CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption
(bsc#1266341).
* CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String
Conversion (bsc#1266340).
* CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing
(bsc#1266342).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2404=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2404=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2404=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* openssl-1_1-1.1.1w-150600.5.32.1
* openssl-1_1-debuginfo-1.1.1w-150600.5.32.1
* openssl-1_1-debugsource-1.1.1w-150600.5.32.1
* libopenssl1_1-debuginfo-1.1.1w-150600.5.32.1
* libopenssl1_1-1.1.1w-150600.5.32.1
* libopenssl-1_1-devel-1.1.1w-150600.5.32.1
* openSUSE Leap 15.6 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.32.1
* libopenssl1_1-32bit-1.1.1w-150600.5.32.1
* libopenssl-1_1-devel-32bit-1.1.1w-150600.5.32.1
* openSUSE Leap 15.6 (noarch)
* openssl-1_1-doc-1.1.1w-150600.5.32.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libopenssl1_1-64bit-debuginfo-1.1.1w-150600.5.32.1
* libopenssl-1_1-devel-64bit-1.1.1w-150600.5.32.1
* libopenssl1_1-64bit-1.1.1w-150600.5.32.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* openssl-1_1-1.1.1w-150600.5.32.1
* openssl-1_1-debuginfo-1.1.1w-150600.5.32.1
* openssl-1_1-debugsource-1.1.1w-150600.5.32.1
* libopenssl1_1-debuginfo-1.1.1w-150600.5.32.1
* libopenssl1_1-1.1.1w-150600.5.32.1
* libopenssl-1_1-devel-1.1.1w-150600.5.32.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.32.1
* libopenssl1_1-32bit-1.1.1w-150600.5.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* openssl-1_1-1.1.1w-150600.5.32.1
* openssl-1_1-debuginfo-1.1.1w-150600.5.32.1
* openssl-1_1-debugsource-1.1.1w-150600.5.32.1
* libopenssl1_1-debuginfo-1.1.1w-150600.5.32.1
* libopenssl1_1-1.1.1w-150600.5.32.1
* libopenssl-1_1-devel-1.1.1w-150600.5.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.32.1
* libopenssl1_1-32bit-1.1.1w-150600.5.32.1

## References:

* https://www.suse.com/security/cve/CVE-2026-34180.html
* https://www.suse.com/security/cve/CVE-2026-42766.html
* https://www.suse.com/security/cve/CVE-2026-45447.html
* https://www.suse.com/security/cve/CVE-2026-7383.html
* https://www.suse.com/security/cve/CVE-2026-9076.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266340
* https://bugzilla.suse.com/show_bug.cgi?id=1266341
* https://bugzilla.suse.com/show_bug.cgi?id=1266342
* https://bugzilla.suse.com/show_bug.cgi?id=1266349
* https://bugzilla.suse.com/show_bug.cgi?id=1266357



SUSE-SU-2026:2409-1: important: Security update for openssl-1_1-livepatches


# Security update for openssl-1_1-livepatches

Announcement ID: SUSE-SU-2026:2409-1
Release Date: 2026-06-16T08:07:15Z
Rating: important
References:

* bsc#1266357
* bsc#1266389

Cross-References:

* CVE-2026-45447

CVSS scores:

* CVE-2026-45447 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45447 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45447 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for openssl-1_1-livepatches fixes the following issues

* CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2409=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2409=1

## Package List:

* openSUSE Leap 15.5 (x86_64)
* openssl-1_1-livepatches-0.6-150500.6.14.1
* openssl-1_1-livepatches-debugsource-0.6-150500.6.14.1
* openssl-1_1-livepatches-debuginfo-0.6-150500.6.14.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
* openssl-1_1-livepatches-0.6-150500.6.14.1
* openssl-1_1-livepatches-debugsource-0.6-150500.6.14.1
* openssl-1_1-livepatches-debuginfo-0.6-150500.6.14.1

## References:

* https://www.suse.com/security/cve/CVE-2026-45447.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266357
* https://bugzilla.suse.com/show_bug.cgi?id=1266389



SUSE-SU-2026:2410-1: important: Security update for openssl-1_1-livepatches


# Security update for openssl-1_1-livepatches

Announcement ID: SUSE-SU-2026:2410-1
Release Date: 2026-06-16T08:07:24Z
Rating: important
References:

* bsc#1266357
* bsc#1266389

Cross-References:

* CVE-2026-45447

CVSS scores:

* CVE-2026-45447 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45447 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45447 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for openssl-1_1-livepatches fixes the following issues

* CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2410=1

* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2410=1

## Package List:

* openSUSE Leap 15.6 (x86_64)
* openssl-1_1-livepatches-0.6-150600.11.6.1
* openssl-1_1-livepatches-debugsource-0.6-150600.11.6.1
* openssl-1_1-livepatches-debuginfo-0.6-150600.11.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
* openssl-1_1-livepatches-0.6-150600.11.6.1
* openssl-1_1-livepatches-debugsource-0.6-150600.11.6.1
* openssl-1_1-livepatches-debuginfo-0.6-150600.11.6.1

## References:

* https://www.suse.com/security/cve/CVE-2026-45447.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266357
* https://bugzilla.suse.com/show_bug.cgi?id=1266389



SUSE-SU-2026:2405-1: important: Security update for openssl-1_1


# Security update for openssl-1_1

Announcement ID: SUSE-SU-2026:2405-1
Release Date: 2026-06-16T06:54:18Z
Rating: important
References:

* bsc#1266340
* bsc#1266341
* bsc#1266342
* bsc#1266349
* bsc#1266357

Cross-References:

* CVE-2026-34180
* CVE-2026-42766
* CVE-2026-45447
* CVE-2026-7383
* CVE-2026-9076

CVSS scores:

* CVE-2026-34180 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-34180 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-34180 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-42766 ( SUSE ): 6.8
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-42766 ( SUSE ): 5.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-42766 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45447 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45447 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45447 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-7383 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-7383 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-7383 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-9076 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-9076 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-9076 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

* CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266357).
* CVE-2026-42766: Possible NULL Dereference in Password-Based CMS Decryption
(bsc#1266349).
* CVE-2026-9076: Out-of-Bounds Read in CMS Password-Based Decryption
(bsc#1266341).
* CVE-2026-7383: Possible Heap Buffer Overflow in ASN.1 Multibyte String
Conversion (bsc#1266340).
* CVE-2026-34180: Heap Buffer Over-read in ASN.1 Content Parsing
(bsc#1266342).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2405=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2405=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2405=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2405=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-2405=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2405=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libopenssl1_1-1.1.1l-150500.17.57.2
* openssl-1_1-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-1.1.1l-150500.17.57.2
* libopenssl1_1-debuginfo-1.1.1l-150500.17.57.2
* openssl-1_1-debugsource-1.1.1l-150500.17.57.2
* libopenssl-1_1-devel-1.1.1l-150500.17.57.2
* openssl-1_1-debuginfo-1.1.1l-150500.17.57.2
* openSUSE Leap 15.5 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.57.2
* libopenssl1_1-32bit-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2
* libopenssl-1_1-devel-32bit-1.1.1l-150500.17.57.2
* openSUSE Leap 15.5 (noarch)
* openssl-1_1-doc-1.1.1l-150500.17.57.2
* openSUSE Leap 15.5 (aarch64_ilp32)
* libopenssl-1_1-devel-64bit-1.1.1l-150500.17.57.2
* libopenssl1_1-64bit-1.1.1l-150500.17.57.2
* libopenssl1_1-64bit-debuginfo-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-64bit-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* libopenssl1_1-1.1.1l-150500.17.57.2
* openssl-1_1-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-1.1.1l-150500.17.57.2
* libopenssl1_1-debuginfo-1.1.1l-150500.17.57.2
* openssl-1_1-debugsource-1.1.1l-150500.17.57.2
* libopenssl-1_1-devel-1.1.1l-150500.17.57.2
* openssl-1_1-debuginfo-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.57.2
* libopenssl1_1-32bit-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* libopenssl1_1-1.1.1l-150500.17.57.2
* openssl-1_1-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-1.1.1l-150500.17.57.2
* libopenssl1_1-debuginfo-1.1.1l-150500.17.57.2
* openssl-1_1-debugsource-1.1.1l-150500.17.57.2
* libopenssl-1_1-devel-1.1.1l-150500.17.57.2
* openssl-1_1-debuginfo-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.57.2
* libopenssl1_1-32bit-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libopenssl1_1-1.1.1l-150500.17.57.2
* openssl-1_1-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-1.1.1l-150500.17.57.2
* libopenssl1_1-debuginfo-1.1.1l-150500.17.57.2
* openssl-1_1-debugsource-1.1.1l-150500.17.57.2
* libopenssl-1_1-devel-1.1.1l-150500.17.57.2
* openssl-1_1-debuginfo-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.57.2
* libopenssl1_1-32bit-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* libopenssl1_1-1.1.1l-150500.17.57.2
* openssl-1_1-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-1.1.1l-150500.17.57.2
* libopenssl1_1-debuginfo-1.1.1l-150500.17.57.2
* openssl-1_1-debugsource-1.1.1l-150500.17.57.2
* libopenssl-1_1-devel-1.1.1l-150500.17.57.2
* openssl-1_1-debuginfo-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* libopenssl1_1-1.1.1l-150500.17.57.2
* openssl-1_1-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-1.1.1l-150500.17.57.2
* libopenssl1_1-debuginfo-1.1.1l-150500.17.57.2
* openssl-1_1-debugsource-1.1.1l-150500.17.57.2
* libopenssl-1_1-devel-1.1.1l-150500.17.57.2
* openssl-1_1-debuginfo-1.1.1l-150500.17.57.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64)
* libopenssl1_1-32bit-debuginfo-1.1.1l-150500.17.57.2
* libopenssl1_1-32bit-1.1.1l-150500.17.57.2
* libopenssl1_1-hmac-32bit-1.1.1l-150500.17.57.2

## References:

* https://www.suse.com/security/cve/CVE-2026-34180.html
* https://www.suse.com/security/cve/CVE-2026-42766.html
* https://www.suse.com/security/cve/CVE-2026-45447.html
* https://www.suse.com/security/cve/CVE-2026-7383.html
* https://www.suse.com/security/cve/CVE-2026-9076.html
* https://bugzilla.suse.com/show_bug.cgi?id=1266340
* https://bugzilla.suse.com/show_bug.cgi?id=1266341
* https://bugzilla.suse.com/show_bug.cgi?id=1266342
* https://bugzilla.suse.com/show_bug.cgi?id=1266349
* https://bugzilla.suse.com/show_bug.cgi?id=1266357



SUSE-SU-2026:2411-1: critical: Security update for openssl-3-livepatches


# Security update for openssl-3-livepatches

Announcement ID: SUSE-SU-2026:2411-1
Release Date: 2026-06-16T08:07:30Z
Rating: critical
References:

* bsc#1256876
* bsc#1256878
* bsc#1256880
* bsc#1266357
* bsc#1266389

Cross-References:

* CVE-2025-11187
* CVE-2025-15467
* CVE-2025-15468
* CVE-2026-45447

CVSS scores:

* CVE-2025-11187 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-11187 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-11187 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:H
* CVE-2025-15467 ( SUSE ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2025-15467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2025-15467 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-15468 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-15468 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-15468 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-45447 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45447 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45447 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities and has one security fix can now be
installed.

## Description:

This update for openssl-3-livepatches fixes the following issues:

* CVE-2025-11187: Improper validation of PBMAC1 parameters in PKCS#12 MAC
verification (bsc#1256878).
* CVE-2025-15467: Stack buffer overflow in CMS AuthEnvelopedData parsing
(bsc#1256876).
* CVE-2025-15468: NULL dereference in SSL_CIPHER_find() function on unknown
cipher ID (bsc#1256880).
* CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify() (bsc#1266389,
bsc#1266357).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2411=1

* SUSE Linux Enterprise Live Patching 15-SP6
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2026-2411=1

## Package List:

* openSUSE Leap 15.6 (x86_64)
* openssl-3-livepatches-debuginfo-0.4-150600.13.11.1
* openssl-3-livepatches-0.4-150600.13.11.1
* openssl-3-livepatches-debugsource-0.4-150600.13.11.1
* SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
* openssl-3-livepatches-debuginfo-0.4-150600.13.11.1
* openssl-3-livepatches-0.4-150600.13.11.1
* openssl-3-livepatches-debugsource-0.4-150600.13.11.1

## References:

* https://www.suse.com/security/cve/CVE-2025-11187.html
* https://www.suse.com/security/cve/CVE-2025-15467.html
* https://www.suse.com/security/cve/CVE-2025-15468.html
* https://www.suse.com/security/cve/CVE-2026-45447.html
* https://bugzilla.suse.com/show_bug.cgi?id=1256876
* https://bugzilla.suse.com/show_bug.cgi?id=1256878
* https://bugzilla.suse.com/show_bug.cgi?id=1256880
* https://bugzilla.suse.com/show_bug.cgi?id=1266357
* https://bugzilla.suse.com/show_bug.cgi?id=1266389



openSUSE-SU-2026:11036-1: moderate: python311-zeroconf-0.149.16-1.1 on GA media


# python311-zeroconf-0.149.16-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11036-1
Rating: moderate

Cross-References:

* CVE-2026-48487

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-zeroconf-0.149.16-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-zeroconf 0.149.16-1.1
* python313-zeroconf 0.149.16-1.1
* python314-zeroconf 0.149.16-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-48487.html



openSUSE-SU-2026:11034-1: moderate: perl-Crypt-PBKDF2-0.261630-1.1 on GA media


# perl-Crypt-PBKDF2-0.261630-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11034-1
Rating: moderate

Cross-References:

* CVE-2017-20240
* CVE-2026-9638
* CVE-2026-9641

CVSS scores:

* CVE-2017-20240 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-9638 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Tumbleweed

An update that solves 3 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the perl-Crypt-PBKDF2-0.261630-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* perl-Crypt-PBKDF2 0.261630-1.1

## References:

* https://www.suse.com/security/cve/CVE-2017-20240.html
* https://www.suse.com/security/cve/CVE-2026-9638.html
* https://www.suse.com/security/cve/CVE-2026-9641.html



openSUSE-SU-2026:11035-1: moderate: python311-aiosmtplib-5.1.1-1.1 on GA media


# python311-aiosmtplib-5.1.1-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11035-1
Rating: moderate

Cross-References:

* CVE-2026-53533

CVSS scores:

* CVE-2026-53533 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-53533 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:H/SA:N

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the python311-aiosmtplib-5.1.1-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* python311-aiosmtplib 5.1.1-1.1
* python313-aiosmtplib 5.1.1-1.1
* python314-aiosmtplib 5.1.1-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-53533.html



openSUSE-SU-2026:11032-1: moderate: google-osconfig-agent-20260611.00-1.1 on GA media


# google-osconfig-agent-20260611.00-1.1 on GA media

Announcement ID: openSUSE-SU-2026:11032-1
Rating: moderate

Cross-References:

* CVE-2026-33814

CVSS scores:

* CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the google-osconfig-agent-20260611.00-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* google-osconfig-agent 20260611.00-1.1

## References:

* https://www.suse.com/security/cve/CVE-2026-33814.html



SUSE-SU-2026:2413-1: important: Security update for distribution


# Security update for distribution

Announcement ID: SUSE-SU-2026:2413-1
Release Date: 2026-06-16T12:20:29Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP7
* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for distribution rebuilds it against the current go security
release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2413=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2413=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2413=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2413=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2413=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2413=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2413=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2413=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2413=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2413=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2413=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2413=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* distribution-registry-2.8.3-150400.9.34.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* distribution-registry-2.8.3-150400.9.34.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* distribution-registry-2.8.3-150400.9.34.1



SUSE-SU-2026:2415-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2026:2415-1
Release Date: 2026-06-16T12:23:37Z
Rating: important
References:

Affected Products:

* Containers Module 15-SP7
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that can now be installed.

## Description:

This update for buildah rebuilds it against the current go security release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2415=1

* Containers Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Containers-15-SP7-2026-2415=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2415=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2415=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2415=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2415=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2415=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2415=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.5-150500.3.59.1
* Containers Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.59.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* buildah-1.35.5-150500.3.59.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* buildah-1.35.5-150500.3.59.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.59.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150500.3.59.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* buildah-1.35.5-150500.3.59.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* buildah-1.35.5-150500.3.59.1



SUSE-SU-2026:2416-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2026:2416-1
Release Date: 2026-06-16T12:24:12Z
Rating: important
References:

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that can now be installed.

## Description:

This update for buildah rebuilds it against the current go security release.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2416=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2416=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2416=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2416=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2416=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* buildah-1.35.5-150400.3.65.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.35.5-150400.3.65.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* buildah-1.35.5-150400.3.65.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* buildah-1.35.5-150400.3.65.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* buildah-1.35.5-150400.3.65.1



SUSE-SU-2026:2421-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2026:2421-1
Release Date: 2026-06-16T14:36:07Z
Rating: important
References:

* bsc#1263790
* bsc#1263995
* bsc#1264551
* bsc#1266001
* bsc#1266009
* bsc#1266238
* bsc#1266711
* bsc#1266901

Cross-References:

* CVE-2026-31629
* CVE-2026-43037
* CVE-2026-43206
* CVE-2026-43499
* CVE-2026-43501
* CVE-2026-45852
* CVE-2026-46043
* CVE-2026-46243

CVSS scores:

* CVE-2026-31629 ( SUSE ): 8.7
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-31629 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-31629 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43037 ( SUSE ): 7.7
CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43037 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43037 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43206 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43499 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43499 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-43501 ( SUSE ): 7.1
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43501 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
* CVE-2026-43501 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45852 ( SUSE ): 7.3
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-45852 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-45852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46043 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46043 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-46043 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
* CVE-2026-46243 ( SUSE ): 8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-46243 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46243 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-46243 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves eight vulnerabilities can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security
issues

The following security issues were fixed:

* CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks
(bsc#1263790).
* CVE-2026-43037: ip6_tunnel: clear skb2->cb in ip4ip6_err() (bsc#1263995).
* CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()
(bsc#1264551).
* CVE-2026-43499: rtmutex: Use waiter::task instead of current in
remove_waiter() (bsc#1266001).
* CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH
grows (bsc#1266009).
* CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init
(bsc#1266711).
* CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in
rxe_rcv (bsc#1266901).
* CVE-2026-46243: smb: client: reject userspace cifs.spnego descriptions
(CIFSwitch) (bsc#1266238).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2421=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2026-2421=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2421=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2421=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2421=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2026-2421=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2421=1

## Package List:

* openSUSE Leap 15.5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (noarch)
* kernel-source-vanilla-5.14.21-150500.55.169.1
* kernel-source-5.14.21-150500.55.169.1
* kernel-macros-5.14.21-150500.55.169.1
* kernel-devel-5.14.21-150500.55.169.1
* kernel-docs-html-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* kernel-default-devel-5.14.21-150500.55.169.1
* kernel-syms-5.14.21-150500.55.169.1
* kselftests-kmp-default-debuginfo-5.14.21-150500.55.169.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-5.14.21-150500.55.169.1
* cluster-md-kmp-default-5.14.21-150500.55.169.1
* kernel-default-livepatch-5.14.21-150500.55.169.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-obs-build-debugsource-5.14.21-150500.55.169.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-obs-build-5.14.21-150500.55.169.1
* dlm-kmp-default-5.14.21-150500.55.169.1
* ocfs2-kmp-default-5.14.21-150500.55.169.1
* reiserfs-kmp-default-5.14.21-150500.55.169.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-debuginfo-5.14.21-150500.55.169.1
* kernel-obs-qa-5.14.21-150500.55.169.1
* kernel-default-optional-5.14.21-150500.55.169.1
* kernel-default-extra-5.14.21-150500.55.169.1
* kernel-default-optional-debuginfo-5.14.21-150500.55.169.1
* kernel-default-extra-debuginfo-5.14.21-150500.55.169.1
* kselftests-kmp-default-5.14.21-150500.55.169.1
* kernel-default-debugsource-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_41-debugsource-1-150500.11.3.1
* kernel-livepatch-5_14_21-150500_55_169-default-1-150500.11.3.1
* kernel-default-livepatch-devel-5.14.21-150500.55.169.1
* kernel-livepatch-5_14_21-150500_55_169-default-debuginfo-1-150500.11.3.1
* openSUSE Leap 15.5 (x86_64)
* kernel-default-vdso-debuginfo-5.14.21-150500.55.169.1
* kernel-kvmsmall-vdso-5.14.21-150500.55.169.1
* kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.169.1
* kernel-default-vdso-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-debugsource-5.14.21-150500.55.169.1
* kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.169.1
* kernel-default-base-rebuild-5.14.21-150500.55.169.1.150500.6.79.1
* kernel-default-base-5.14.21-150500.55.169.1.150500.6.79.1
* kernel-kvmsmall-devel-5.14.21-150500.55.169.1
* kernel-kvmsmall-debuginfo-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150500.55.169.1
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (nosrc)
* dtb-aarch64-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (aarch64)
* dtb-allwinner-5.14.21-150500.55.169.1
* cluster-md-kmp-64kb-5.14.21-150500.55.169.1
* kselftests-kmp-64kb-5.14.21-150500.55.169.1
* dtb-renesas-5.14.21-150500.55.169.1
* dtb-apple-5.14.21-150500.55.169.1
* dtb-cavium-5.14.21-150500.55.169.1
* dtb-sprd-5.14.21-150500.55.169.1
* dtb-arm-5.14.21-150500.55.169.1
* dlm-kmp-64kb-debuginfo-5.14.21-150500.55.169.1
* dtb-mediatek-5.14.21-150500.55.169.1
* dtb-broadcom-5.14.21-150500.55.169.1
* kernel-64kb-devel-5.14.21-150500.55.169.1
* dtb-amlogic-5.14.21-150500.55.169.1
* kernel-64kb-extra-debuginfo-5.14.21-150500.55.169.1
* dtb-marvell-5.14.21-150500.55.169.1
* dtb-altera-5.14.21-150500.55.169.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-extra-5.14.21-150500.55.169.1
* ocfs2-kmp-64kb-5.14.21-150500.55.169.1
* dtb-rockchip-5.14.21-150500.55.169.1
* kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.169.1
* reiserfs-kmp-64kb-5.14.21-150500.55.169.1
* dtb-hisilicon-5.14.21-150500.55.169.1
* kernel-64kb-optional-5.14.21-150500.55.169.1
* dtb-amazon-5.14.21-150500.55.169.1
* dtb-socionext-5.14.21-150500.55.169.1
* dtb-amd-5.14.21-150500.55.169.1
* dtb-freescale-5.14.21-150500.55.169.1
* kernel-64kb-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-optional-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-debugsource-5.14.21-150500.55.169.1
* dtb-exynos-5.14.21-150500.55.169.1
* dtb-lg-5.14.21-150500.55.169.1
* cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-64kb-5.14.21-150500.55.169.1
* dtb-apm-5.14.21-150500.55.169.1
* dtb-qcom-5.14.21-150500.55.169.1
* reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.169.1
* ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.169.1
* dtb-nvidia-5.14.21-150500.55.169.1
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.169.1
* dtb-xilinx-5.14.21-150500.55.169.1
* dlm-kmp-64kb-5.14.21-150500.55.169.1
* openSUSE Leap 15.5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
* kernel-default-base-5.14.21-150500.55.169.1.150500.6.79.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* kernel-source-5.14.21-150500.55.169.1
* kernel-macros-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-devel-5.14.21-150500.55.169.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-5.14.21-150500.55.169.1
* kernel-obs-build-5.14.21-150500.55.169.1
* cluster-md-kmp-default-5.14.21-150500.55.169.1
* kernel-default-base-5.14.21-150500.55.169.1.150500.6.79.1
* kernel-syms-5.14.21-150500.55.169.1
* ocfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-obs-build-debugsource-5.14.21-150500.55.169.1
* kernel-default-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
nosrc)
* kernel-64kb-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-devel-5.14.21-150500.55.169.1
* kernel-64kb-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
* kernel-source-5.14.21-150500.55.169.1
* kernel-macros-5.14.21-150500.55.169.1
* kernel-devel-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-devel-5.14.21-150500.55.169.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-5.14.21-150500.55.169.1
* kernel-obs-build-5.14.21-150500.55.169.1
* cluster-md-kmp-default-5.14.21-150500.55.169.1
* kernel-default-base-5.14.21-150500.55.169.1.150500.6.79.1
* kernel-syms-5.14.21-150500.55.169.1
* ocfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-obs-build-debugsource-5.14.21-150500.55.169.1
* kernel-default-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-devel-5.14.21-150500.55.169.1
* kernel-64kb-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 nosrc
x86_64)
* kernel-default-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
* kernel-source-5.14.21-150500.55.169.1
* kernel-macros-5.14.21-150500.55.169.1
* kernel-devel-5.14.21-150500.55.169.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-devel-5.14.21-150500.55.169.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-5.14.21-150500.55.169.1
* kernel-obs-build-5.14.21-150500.55.169.1
* cluster-md-kmp-default-5.14.21-150500.55.169.1
* kernel-syms-5.14.21-150500.55.169.1
* ocfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.169.1
* reiserfs-kmp-default-5.14.21-150500.55.169.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-obs-build-debugsource-5.14.21-150500.55.169.1
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64)
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-devel-5.14.21-150500.55.169.1
* kernel-64kb-debuginfo-5.14.21-150500.55.169.1
* kernel-64kb-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64
nosrc)
* kernel-default-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150500.55.169.1.150500.6.79.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
* kernel-source-5.14.21-150500.55.169.1
* kernel-macros-5.14.21-150500.55.169.1
* kernel-devel-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch nosrc)
* kernel-docs-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (s390x)
* kernel-zfcpdump-debugsource-5.14.21-150500.55.169.1
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.169.1
* kernel-livepatch-5_14_21-150500_55_169-default-1-150500.11.3.1
* kernel-livepatch-5_14_21-150500_55_169-default-debuginfo-1-150500.11.3.1
* kernel-default-livepatch-5.14.21-150500.55.169.1
* kernel-livepatch-SLE15-SP5_Update_41-debugsource-1-150500.11.3.1
* kernel-default-livepatch-devel-5.14.21-150500.55.169.1
* kernel-default-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Live Patching 15-SP5 (nosrc)
* kernel-default-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-devel-5.14.21-150500.55.169.1
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-5.14.21-150500.55.169.1
* kernel-obs-build-5.14.21-150500.55.169.1
* cluster-md-kmp-default-5.14.21-150500.55.169.1
* kernel-default-base-5.14.21-150500.55.169.1.150500.6.79.1
* kernel-syms-5.14.21-150500.55.169.1
* ocfs2-kmp-default-5.14.21-150500.55.169.1
* dlm-kmp-default-debuginfo-5.14.21-150500.55.169.1
* reiserfs-kmp-default-5.14.21-150500.55.169.1
* kernel-default-devel-debuginfo-5.14.21-150500.55.169.1
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-obs-build-debugsource-5.14.21-150500.55.169.1
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.169.1
* kernel-default-debugsource-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (nosrc ppc64le
x86_64)
* kernel-default-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
* kernel-source-5.14.21-150500.55.169.1
* kernel-macros-5.14.21-150500.55.169.1
* kernel-devel-5.14.21-150500.55.169.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.169.1

## References:

* https://www.suse.com/security/cve/CVE-2026-31629.html
* https://www.suse.com/security/cve/CVE-2026-43037.html
* https://www.suse.com/security/cve/CVE-2026-43206.html
* https://www.suse.com/security/cve/CVE-2026-43499.html
* https://www.suse.com/security/cve/CVE-2026-43501.html
* https://www.suse.com/security/cve/CVE-2026-45852.html
* https://www.suse.com/security/cve/CVE-2026-46043.html
* https://www.suse.com/security/cve/CVE-2026-46243.html
* https://bugzilla.suse.com/show_bug.cgi?id=1263790
* https://bugzilla.suse.com/show_bug.cgi?id=1263995
* https://bugzilla.suse.com/show_bug.cgi?id=1264551
* https://bugzilla.suse.com/show_bug.cgi?id=1266001
* https://bugzilla.suse.com/show_bug.cgi?id=1266009
* https://bugzilla.suse.com/show_bug.cgi?id=1266238
* https://bugzilla.suse.com/show_bug.cgi?id=1266711
* https://bugzilla.suse.com/show_bug.cgi?id=1266901



SUSE-SU-2026:2417-1: important: Security update for 389-ds


# Security update for 389-ds

Announcement ID: SUSE-SU-2026:2417-1
Release Date: 2026-06-16T13:29:22Z
Rating: important
References:

* bsc#1265898

Cross-References:

* CVE-2026-9064

CVSS scores:

* CVE-2026-9064 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-9064 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-9064 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for 389-ds fixes the following issue

Update to 2.2.10~git229.1fa7ffdb4:

* CVE-2026-9064: unbounded LDAP controls count in
`get_ldapmessage_controls_ext()` can lead to amplified CPU time and heap
allocation and a denial of service (bsc#1265898).

Changelog:

* Issue 7503 - CVE-2026-9064 - Add a limit to the number controls per
operation
* Issue 7457 - Refactor memberOf perf test (#7458)
* Issue 7431 - password policy - passwordBadWords is ignored in local policies
* Issue 7417 - UI - global password policy syntax settings missing
passwordMaxRepeats
* Issue 3555 - UI - Fix audit issue with npm - brace-expansion (#7411)
* Issue 7088 - Change log level for "Can't locate CSN" error message
* Issue 7423 - cleanup pblock after freeing pre/post entries
* Issue 7418 - Use-after-free in deferred memberof (#7419)
* Issue 7277 - UI - Fix Japanese translation errors errors in Cockpit UI
(#7386)
* Issue 7126 - WARN - keys2idl - received NULL idl from index_read_ext_allids
(#7127)
* Issue 7370 - Runtime LSan/TSan injection for pytest (#7371)
* Issue 7378 - Make sure suffix entry always gets assigned ID 1
* Issue 7380 - Internal op with negative wtime and large optime (#7381)
* Issue 7362 - UI - Some FormSelect onChange parameters are reversed
* Issue 7368 - UI - global password policy page is missing
passwordmintokenlength
* Issue 7366 - Memory leaks in syncrepl plugin during persistent search
operations (#7367)
* Issue 7284 - CI - Fix test_grace_limit_section after pwpolicy validation fix
(#7357)
* Issue 3555 - UI - Fix audit issue with npm - flatted, picomatch (#7364)
* Issue 1704 - DNA plugin creates invalid shared config entry with port 0
(#7352)
* Issue 6753 - Removing ticket 477828 test and porting to DSLdapObject (#6989)
* Issue 7342 - CI - repl config regression (#7343)
* Issue 7319 - Action menu for certificates remains in empty certificate list
(#7320)
* Issue 6868 - UI - schema attribute table expansion break after moving to a
new page
* Issue 7093 - A password policy can be created even when an identical policy
already exists (#7283)
* Issue 7233 - test_produce_division_by_zero fails with IsADirectoryError in
conftest.py (#7234)
* Issue 7152 - ns-slapd fails to shutdown when deferred memberof update is in
progress (#7187)
* Issue 3555 - UI - Fix audit issue with npm - ajv, minimatch (#7298)
* Issue 7291 - Crash when configuring a replica with an incorrect
nsds5ReplicaRoot (#7292)
* Issue 7284 - Creating local password policy succeeds with incorrect
passwordInHistory value (#7285)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2417=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2417=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2417=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2417=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2417=1

## Package List:

* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* lib389-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* lib389-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-snmp-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* lib389-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-snmp-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64
x86_64)
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* lib389-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64
x86_64)
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* lib389-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150500.3.45.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150500.3.45.1

## References:

* https://www.suse.com/security/cve/CVE-2026-9064.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265898



SUSE-SU-2026:2418-1: important: Security update for 389-ds


# Security update for 389-ds

Announcement ID: SUSE-SU-2026:2418-1
Release Date: 2026-06-16T13:29:42Z
Rating: important
References:

* bsc#1265898

Cross-References:

* CVE-2026-9064

CVSS scores:

* CVE-2026-9064 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-9064 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-9064 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for 389-ds fixes the following issue

Update to 2.2.10~git229.1fa7ffdb4:

* CVE-2026-9064: unbounded LDAP controls count in
`get_ldapmessage_controls_ext()` can lead to amplified CPU time and heap
allocation and a denial of service (bsc#1265898).

Changelog:

* Issue 7503 - CVE-2026-9064 - Add a limit to the number controls per
operation
* Issue 7457 - Refactor memberOf perf test (#7458)
* Issue 7431 - password policy - passwordBadWords is ignored in local policies
* Issue 7417 - UI - global password policy syntax settings missing
passwordMaxRepeats
* Issue 3555 - UI - Fix audit issue with npm - brace-expansion (#7411)
* Issue 7088 - Change log level for "Can't locate CSN" error message
* Issue 7423 - cleanup pblock after freeing pre/post entries
* Issue 7418 - Use-after-free in deferred memberof (#7419)
* Issue 7277 - UI - Fix Japanese translation errors errors in Cockpit UI
(#7386)
* Issue 7126 - WARN - keys2idl - received NULL idl from index_read_ext_allids
(#7127)
* Issue 7370 - Runtime LSan/TSan injection for pytest (#7371)
* Issue 7378 - Make sure suffix entry always gets assigned ID 1
* Issue 7380 - Internal op with negative wtime and large optime (#7381)
* Issue 7362 - UI - Some FormSelect onChange parameters are reversed
* Issue 7368 - UI - global password policy page is missing
passwordmintokenlength
* Issue 7366 - Memory leaks in syncrepl plugin during persistent search
operations (#7367)
* Issue 7284 - CI - Fix test_grace_limit_section after pwpolicy validation fix
(#7357)
* Issue 3555 - UI - Fix audit issue with npm - flatted, picomatch (#7364)
* Issue 1704 - DNA plugin creates invalid shared config entry with port 0
(#7352)
* Issue 6753 - Removing ticket 477828 test and porting to DSLdapObject (#6989)
* Issue 7342 - CI - repl config regression (#7343)
* Issue 7319 - Action menu for certificates remains in empty certificate list
(#7320)
* Issue 6868 - UI - schema attribute table expansion break after moving to a
new page
* Issue 7093 - A password policy can be created even when an identical policy
already exists (#7283)
* Issue 7233 - test_produce_division_by_zero fails with IsADirectoryError in
conftest.py (#7234)
* Issue 7152 - ns-slapd fails to shutdown when deferred memberof update is in
progress (#7187)
* Issue 3555 - UI - Fix audit issue with npm - ajv, minimatch (#7298)
* Issue 7291 - Crash when configuring a replica with an incorrect
nsds5ReplicaRoot (#7292)
* Issue 7284 - Creating local password policy succeeds with incorrect
passwordInHistory value (#7285)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2418=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2418=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2418=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* lib389-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-snmp-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-snmp-debuginfo-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* lib389-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* lib389-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* libsvrcore0-debuginfo-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-devel-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* libsvrcore0-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-debugsource-2.2.10~git229.1fa7ffdb4-150600.8.29.1
* 389-ds-debuginfo-2.2.10~git229.1fa7ffdb4-150600.8.29.1

## References:

* https://www.suse.com/security/cve/CVE-2026-9064.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265898



SUSE-SU-2026:2423-1: important: Security update for libcaca


# Security update for libcaca

Announcement ID: SUSE-SU-2026:2423-1
Release Date: 2026-06-16T15:16:01Z
Rating: important
References:

* bsc#1264984

Cross-References:

* CVE-2026-42046

CVSS scores:

* CVE-2026-42046 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2026-42046 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for libcaca fixes the following issue

* CVE-2026-42046: an integer overflow vulnerability in libcaca's canvas import
functionality may allow an attacker to cause a controlled heap out-of-bounds
write (bsc#1264984).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2423=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2423=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2423=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2423=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* caca-utils-0.99.beta20-150600.3.3.1
* libcaca-debugsource-0.99.beta20-150600.3.3.1
* libcaca0-0.99.beta20-150600.3.3.1
* libcaca-ruby-debuginfo-0.99.beta20-150600.3.3.1
* libcaca-ruby-0.99.beta20-150600.3.3.1
* libcaca0-plugins-0.99.beta20-150600.3.3.1
* libcaca0-plugins-debuginfo-0.99.beta20-150600.3.3.1
* caca-utils-debuginfo-0.99.beta20-150600.3.3.1
* libcaca0-debuginfo-0.99.beta20-150600.3.3.1
* libcaca-devel-0.99.beta20-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libcaca0-64bit-debuginfo-0.99.beta20-150600.3.3.1
* libcaca0-64bit-0.99.beta20-150600.3.3.1
* libcaca0-plugins-64bit-0.99.beta20-150600.3.3.1
* libcaca0-plugins-64bit-debuginfo-0.99.beta20-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
* libcaca0-32bit-debuginfo-0.99.beta20-150600.3.3.1
* libcaca0-plugins-32bit-0.99.beta20-150600.3.3.1
* libcaca0-32bit-0.99.beta20-150600.3.3.1
* libcaca0-plugins-32bit-debuginfo-0.99.beta20-150600.3.3.1
* openSUSE Leap 15.6 (noarch)
* python3-caca-0.99.beta20-150600.3.3.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libcaca-debugsource-0.99.beta20-150600.3.3.1
* libcaca0-0.99.beta20-150600.3.3.1
* libcaca0-plugins-0.99.beta20-150600.3.3.1
* libcaca0-plugins-debuginfo-0.99.beta20-150600.3.3.1
* libcaca0-debuginfo-0.99.beta20-150600.3.3.1
* libcaca-devel-0.99.beta20-150600.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* libcaca-debugsource-0.99.beta20-150600.3.3.1
* libcaca0-0.99.beta20-150600.3.3.1
* libcaca0-plugins-0.99.beta20-150600.3.3.1
* libcaca0-plugins-debuginfo-0.99.beta20-150600.3.3.1
* libcaca0-debuginfo-0.99.beta20-150600.3.3.1
* libcaca-devel-0.99.beta20-150600.3.3.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* libcaca-debugsource-0.99.beta20-150600.3.3.1
* libcaca0-0.99.beta20-150600.3.3.1
* libcaca0-plugins-0.99.beta20-150600.3.3.1
* libcaca0-plugins-debuginfo-0.99.beta20-150600.3.3.1
* libcaca0-debuginfo-0.99.beta20-150600.3.3.1
* libcaca-devel-0.99.beta20-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-42046.html
* https://bugzilla.suse.com/show_bug.cgi?id=1264984


MySQL, PostgreSQL, and fence-agents updates for Rocky Linux

Ruby FreeRDP, Linux Kernel and OpenStack updates for Ubuntu

Windows

Linux

macOS

Community

  • Lexonight
    Hey everyone,Wanted to share a project I've been b ...
  • SeveG
    need some help here... situationPC= Packard BellOS= win1 ...
  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...