
SUSE issued a comprehensive set of critical and important security advisories, targeting multiple widely used software packages. These updates address numerous vulnerabilities across networking frameworks like openvswitch, repository managers, system libraries including libarchive and Graphite2, and Python modules such as urllib3 and NLTK. The patched flaws cover dangerous attack vectors that could enable heap overreads, denial of service attacks, information leakage, and arbitrary code execution on affected systems.

SUSE-SU-2026:2475-1: important: Security update for openvswitch
SUSE-SU-2026:2476-1: important: Security update for openvswitch3
SUSE-SU-2026:2478-1: important: Security update for graphite2
SUSE-SU-2026:2481-1: important: Security update for openvswitch
SUSE-SU-2026:2483-1: important: Security update for python-python-multipart
SUSE-SU-2026:2487-1: important: Security update for rmt-server
SUSE-SU-2026:2486-1: important: Security update for python-urllib3
openSUSE-SU-2026:0211-1: important: Security update for python-nltk
SUSE-SU-2026:2489-1: moderate: Security update for postfix
SUSE-SU-2026:2490-1: important: Security update for libarchive




SUSE-SU-2026:2475-1: important: Security update for openvswitch


# Security update for openvswitch

Announcement ID: SUSE-SU-2026:2475-1
Release Date: 2026-06-22T08:23:52Z
Rating: important
References:

* bsc#1262498
* bsc#1262499

Cross-References:

* CVE-2026-5265
* CVE-2026-5367

CVSS scores:

* CVE-2026-5265 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-5265 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-5367 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-5367 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for openvswitch fixes the following issues:

* CVE-2026-5265: heap over-read in ICMP error response generation (bsc#1262498).
* CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing (bsc#1262499).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2475=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2475=1`

* openSUSE Leap 15.6
  `zypper in -t patch SUSE-2026-2475=1`

## Package List:

* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* libopenvswitch-3_1-0-3.1.7-150600.33.15.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150600.33.15.1
* ovn-docker-23.03.3-150600.33.15.1
* ovn-central-debuginfo-23.03.3-150600.33.15.1
* ovn-vtep-debuginfo-23.03.3-150600.33.15.1
* ovn-devel-23.03.3-150600.33.15.1
* python3-ovs-3.1.7-150600.33.15.1
* ovn-debuginfo-23.03.3-150600.33.15.1
* openvswitch-devel-3.1.7-150600.33.15.1
* ovn-host-debuginfo-23.03.3-150600.33.15.1
* openvswitch-3.1.7-150600.33.15.1
* ovn-vtep-23.03.3-150600.33.15.1
* openvswitch-ipsec-3.1.7-150600.33.15.1
* openvswitch-vtep-debuginfo-3.1.7-150600.33.15.1
* openvswitch-debugsource-3.1.7-150600.33.15.1
* openvswitch-test-debuginfo-3.1.7-150600.33.15.1
* libovn-23_03-0-23.03.3-150600.33.15.1
* openvswitch-vtep-3.1.7-150600.33.15.1
* ovn-host-23.03.3-150600.33.15.1
* ovn-central-23.03.3-150600.33.15.1
* ovn-23.03.3-150600.33.15.1
* libovn-23_03-0-debuginfo-23.03.3-150600.33.15.1
* openvswitch-debuginfo-3.1.7-150600.33.15.1
* openvswitch-test-3.1.7-150600.33.15.1
* openvswitch-pki-3.1.7-150600.33.15.1
* openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64)
* libopenvswitch-3_1-0-3.1.7-150600.33.15.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150600.33.15.1
* ovn-docker-23.03.3-150600.33.15.1
* ovn-central-debuginfo-23.03.3-150600.33.15.1
* ovn-vtep-debuginfo-23.03.3-150600.33.15.1
* ovn-devel-23.03.3-150600.33.15.1
* python3-ovs-3.1.7-150600.33.15.1
* ovn-debuginfo-23.03.3-150600.33.15.1
* openvswitch-devel-3.1.7-150600.33.15.1
* ovn-host-debuginfo-23.03.3-150600.33.15.1
* openvswitch-3.1.7-150600.33.15.1
* ovn-vtep-23.03.3-150600.33.15.1
* openvswitch-ipsec-3.1.7-150600.33.15.1
* openvswitch-vtep-debuginfo-3.1.7-150600.33.15.1
* libovn-23_03-0-23.03.3-150600.33.15.1
* openvswitch-debugsource-3.1.7-150600.33.15.1
* openvswitch-test-debuginfo-3.1.7-150600.33.15.1
* openvswitch-vtep-3.1.7-150600.33.15.1
* ovn-host-23.03.3-150600.33.15.1
* ovn-central-23.03.3-150600.33.15.1
* libovn-23_03-0-debuginfo-23.03.3-150600.33.15.1
* openvswitch-debuginfo-3.1.7-150600.33.15.1
* ovn-23.03.3-150600.33.15.1
* openvswitch-test-3.1.7-150600.33.15.1
* openvswitch-pki-3.1.7-150600.33.15.1
* openSUSE Leap 15.6 (noarch)
* openvswitch-doc-3.1.7-150600.33.15.1
* ovn-doc-23.03.3-150600.33.15.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* libopenvswitch-3_1-0-3.1.7-150600.33.15.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150600.33.15.1
* ovn-docker-23.03.3-150600.33.15.1
* ovn-central-debuginfo-23.03.3-150600.33.15.1
* ovn-vtep-debuginfo-23.03.3-150600.33.15.1
* ovn-devel-23.03.3-150600.33.15.1
* python3-ovs-3.1.7-150600.33.15.1
* ovn-debuginfo-23.03.3-150600.33.15.1
* openvswitch-devel-3.1.7-150600.33.15.1
* ovn-host-debuginfo-23.03.3-150600.33.15.1
* openvswitch-3.1.7-150600.33.15.1
* ovn-vtep-23.03.3-150600.33.15.1
* openvswitch-ipsec-3.1.7-150600.33.15.1
* openvswitch-vtep-debuginfo-3.1.7-150600.33.15.1
* libovn-23_03-0-23.03.3-150600.33.15.1
* openvswitch-test-debuginfo-3.1.7-150600.33.15.1
* openvswitch-debugsource-3.1.7-150600.33.15.1
* openvswitch-vtep-3.1.7-150600.33.15.1
* ovn-host-23.03.3-150600.33.15.1
* ovn-central-23.03.3-150600.33.15.1
* ovn-23.03.3-150600.33.15.1
* openvswitch-debuginfo-3.1.7-150600.33.15.1
* libovn-23_03-0-debuginfo-23.03.3-150600.33.15.1
* openvswitch-test-3.1.7-150600.33.15.1
* openvswitch-pki-3.1.7-150600.33.15.1

## References:

* https://www.suse.com/security/cve/CVE-2026-5265.html
* https://www.suse.com/security/cve/CVE-2026-5367.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262498
* https://bugzilla.suse.com/show_bug.cgi?id=1262499



SUSE-SU-2026:2476-1: important: Security update for openvswitch3


# Security update for openvswitch3

Announcement ID: SUSE-SU-2026:2476-1
Release Date: 2026-06-22T08:24:24Z
Rating: important
References:

* bsc#1262498
* bsc#1262499

Cross-References:

* CVE-2026-5265
* CVE-2026-5367

CVSS scores:

* CVE-2026-5265 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-5265 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-5367 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-5367 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for openvswitch3 fixes the following issues:

* CVE-2026-5265: heap over-read in ICMP error response generation (bsc#1262498).
* CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing (bsc#1262499).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP5 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2476=1`

* SUSE Linux Enterprise Micro 5.5
  `zypper in -t patch SUSE-SLE-Micro-5.5-2026-2476=1`

* openSUSE Leap 15.5
  `zypper in -t patch SUSE-2026-2476=1`

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2476=1`

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2476=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2476=1`

## Package List:

* openSUSE Leap 15.5 (aarch64 i586 ppc64le s390x x86_64)
* ovn3-debuginfo-23.03.3-150500.3.31.1
* libovn-23_03-0-23.03.3-150500.3.31.1
* ovn3-host-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-3.1.7-150500.3.31.1
* ovn3-vtep-23.03.3-150500.3.31.1
* openvswitch3-3.1.7-150500.3.31.1
* openvswitch3-test-debuginfo-3.1.7-150500.3.31.1
* python3-ovs3-3.1.7-150500.3.31.1
* libopenvswitch-3_1-0-3.1.7-150500.3.31.1
* openvswitch3-debuginfo-3.1.7-150500.3.31.1
* openvswitch3-devel-3.1.7-150500.3.31.1
* ovn3-central-23.03.3-150500.3.31.1
* ovn3-docker-23.03.3-150500.3.31.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150500.3.31.1
* libovn-23_03-0-debuginfo-23.03.3-150500.3.31.1
* ovn3-host-23.03.3-150500.3.31.1
* ovn3-23.03.3-150500.3.31.1
* openvswitch3-pki-3.1.7-150500.3.31.1
* openvswitch3-debugsource-3.1.7-150500.3.31.1
* openvswitch3-test-3.1.7-150500.3.31.1
* openvswitch3-ipsec-3.1.7-150500.3.31.1
* ovn3-central-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-debuginfo-3.1.7-150500.3.31.1
* ovn3-devel-23.03.3-150500.3.31.1
* ovn3-vtep-debuginfo-23.03.3-150500.3.31.1
* openSUSE Leap 15.5 (noarch)
* ovn3-doc-23.03.3-150500.3.31.1
* openvswitch3-doc-3.1.7-150500.3.31.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* ovn3-debuginfo-23.03.3-150500.3.31.1
* libovn-23_03-0-23.03.3-150500.3.31.1
* ovn3-host-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-3.1.7-150500.3.31.1
* ovn3-vtep-23.03.3-150500.3.31.1
* openvswitch3-3.1.7-150500.3.31.1
* openvswitch3-test-debuginfo-3.1.7-150500.3.31.1
* python3-ovs3-3.1.7-150500.3.31.1
* libopenvswitch-3_1-0-3.1.7-150500.3.31.1
* openvswitch3-debuginfo-3.1.7-150500.3.31.1
* openvswitch3-devel-3.1.7-150500.3.31.1
* ovn3-central-23.03.3-150500.3.31.1
* ovn3-docker-23.03.3-150500.3.31.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150500.3.31.1
* ovn3-host-23.03.3-150500.3.31.1
* ovn3-23.03.3-150500.3.31.1
* libovn-23_03-0-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-pki-3.1.7-150500.3.31.1
* openvswitch3-debugsource-3.1.7-150500.3.31.1
* openvswitch3-test-3.1.7-150500.3.31.1
* openvswitch3-ipsec-3.1.7-150500.3.31.1
* ovn3-central-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-debuginfo-3.1.7-150500.3.31.1
* ovn3-devel-23.03.3-150500.3.31.1
* ovn3-vtep-debuginfo-23.03.3-150500.3.31.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* ovn3-debuginfo-23.03.3-150500.3.31.1
* libovn-23_03-0-23.03.3-150500.3.31.1
* ovn3-host-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-3.1.7-150500.3.31.1
* ovn3-vtep-23.03.3-150500.3.31.1
* openvswitch3-3.1.7-150500.3.31.1
* openvswitch3-test-debuginfo-3.1.7-150500.3.31.1
* python3-ovs3-3.1.7-150500.3.31.1
* libopenvswitch-3_1-0-3.1.7-150500.3.31.1
* openvswitch3-debuginfo-3.1.7-150500.3.31.1
* openvswitch3-devel-3.1.7-150500.3.31.1
* ovn3-central-23.03.3-150500.3.31.1
* ovn3-docker-23.03.3-150500.3.31.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150500.3.31.1
* libovn-23_03-0-debuginfo-23.03.3-150500.3.31.1
* ovn3-23.03.3-150500.3.31.1
* ovn3-host-23.03.3-150500.3.31.1
* openvswitch3-pki-3.1.7-150500.3.31.1
* openvswitch3-debugsource-3.1.7-150500.3.31.1
* openvswitch3-test-3.1.7-150500.3.31.1
* openvswitch3-ipsec-3.1.7-150500.3.31.1
* ovn3-central-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-debuginfo-3.1.7-150500.3.31.1
* ovn3-devel-23.03.3-150500.3.31.1
* ovn3-vtep-debuginfo-23.03.3-150500.3.31.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* ovn3-debuginfo-23.03.3-150500.3.31.1
* libovn-23_03-0-23.03.3-150500.3.31.1
* ovn3-host-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-3.1.7-150500.3.31.1
* ovn3-vtep-23.03.3-150500.3.31.1
* openvswitch3-3.1.7-150500.3.31.1
* python3-ovs3-3.1.7-150500.3.31.1
* libopenvswitch-3_1-0-3.1.7-150500.3.31.1
* openvswitch3-debuginfo-3.1.7-150500.3.31.1
* ovn3-central-23.03.3-150500.3.31.1
* ovn3-docker-23.03.3-150500.3.31.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150500.3.31.1
* libovn-23_03-0-debuginfo-23.03.3-150500.3.31.1
* ovn3-23.03.3-150500.3.31.1
* ovn3-host-23.03.3-150500.3.31.1
* openvswitch3-pki-3.1.7-150500.3.31.1
* openvswitch3-debugsource-3.1.7-150500.3.31.1
* ovn3-central-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-debuginfo-3.1.7-150500.3.31.1
* ovn3-vtep-debuginfo-23.03.3-150500.3.31.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
* ovn3-debuginfo-23.03.3-150500.3.31.1
* libovn-23_03-0-23.03.3-150500.3.31.1
* ovn3-host-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-3.1.7-150500.3.31.1
* ovn3-vtep-23.03.3-150500.3.31.1
* openvswitch3-3.1.7-150500.3.31.1
* openvswitch3-test-debuginfo-3.1.7-150500.3.31.1
* python3-ovs3-3.1.7-150500.3.31.1
* libopenvswitch-3_1-0-3.1.7-150500.3.31.1
* openvswitch3-debuginfo-3.1.7-150500.3.31.1
* openvswitch3-devel-3.1.7-150500.3.31.1
* ovn3-central-23.03.3-150500.3.31.1
* ovn3-docker-23.03.3-150500.3.31.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150500.3.31.1
* ovn3-host-23.03.3-150500.3.31.1
* ovn3-23.03.3-150500.3.31.1
* libovn-23_03-0-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-pki-3.1.7-150500.3.31.1
* openvswitch3-debugsource-3.1.7-150500.3.31.1
* openvswitch3-ipsec-3.1.7-150500.3.31.1
* openvswitch3-test-3.1.7-150500.3.31.1
* ovn3-central-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-debuginfo-3.1.7-150500.3.31.1
* ovn3-devel-23.03.3-150500.3.31.1
* ovn3-vtep-debuginfo-23.03.3-150500.3.31.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
* ovn3-debuginfo-23.03.3-150500.3.31.1
* libovn-23_03-0-23.03.3-150500.3.31.1
* ovn3-host-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-3.1.7-150500.3.31.1
* ovn3-vtep-23.03.3-150500.3.31.1
* openvswitch3-3.1.7-150500.3.31.1
* openvswitch3-test-debuginfo-3.1.7-150500.3.31.1
* python3-ovs3-3.1.7-150500.3.31.1
* libopenvswitch-3_1-0-3.1.7-150500.3.31.1
* openvswitch3-devel-3.1.7-150500.3.31.1
* openvswitch3-debuginfo-3.1.7-150500.3.31.1
* ovn3-central-23.03.3-150500.3.31.1
* ovn3-docker-23.03.3-150500.3.31.1
* libopenvswitch-3_1-0-debuginfo-3.1.7-150500.3.31.1
* libovn-23_03-0-debuginfo-23.03.3-150500.3.31.1
* ovn3-23.03.3-150500.3.31.1
* ovn3-host-23.03.3-150500.3.31.1
* openvswitch3-pki-3.1.7-150500.3.31.1
* openvswitch3-debugsource-3.1.7-150500.3.31.1
* openvswitch3-ipsec-3.1.7-150500.3.31.1
* openvswitch3-test-3.1.7-150500.3.31.1
* ovn3-central-debuginfo-23.03.3-150500.3.31.1
* openvswitch3-vtep-debuginfo-3.1.7-150500.3.31.1
* ovn3-devel-23.03.3-150500.3.31.1
* ovn3-vtep-debuginfo-23.03.3-150500.3.31.1

## References:

* https://www.suse.com/security/cve/CVE-2026-5265.html
* https://www.suse.com/security/cve/CVE-2026-5367.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262498
* https://bugzilla.suse.com/show_bug.cgi?id=1262499



SUSE-SU-2026:2478-1: important: Security update for graphite2


# Security update for graphite2

Announcement ID: SUSE-SU-2026:2478-1
Release Date: 2026-06-22T08:47:10Z
Rating: important
References:

* bsc#1267733

Cross-References:

* CVE-2026-50593

CVSS scores:

* CVE-2026-50593 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2026-50593 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
* CVE-2026-50593 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H

Affected Products:

* Basesystem Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves one vulnerability can now be installed.

## Description:

This update for graphite2 fixes the following issue:

* CVE-2026-50593: Out-of-bounds write via Graphite actions (bsc#1267733).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2478=1`

* Basesystem Module 15-SP7
  `zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2478=1`

* openSUSE Leap 15.6
  `zypper in -t patch SUSE-2026-2478=1`

* SUSE Linux Enterprise Server 15 SP6 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2478=1`

## Package List:

* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* libgraphite2-3-debuginfo-1.3.14-150600.3.3.1
* graphite2-debuginfo-1.3.14-150600.3.3.1
* libgraphite2-3-1.3.14-150600.3.3.1
* graphite2-devel-1.3.14-150600.3.3.1
* graphite2-debugsource-1.3.14-150600.3.3.1
* Basesystem Module 15-SP7 (x86_64)
* libgraphite2-3-32bit-1.3.14-150600.3.3.1
* libgraphite2-3-32bit-debuginfo-1.3.14-150600.3.3.1
* openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64)
* graphite2-1.3.14-150600.3.3.1
* libgraphite2-3-debuginfo-1.3.14-150600.3.3.1
* graphite2-debuginfo-1.3.14-150600.3.3.1
* libgraphite2-3-1.3.14-150600.3.3.1
* graphite2-devel-1.3.14-150600.3.3.1
* graphite2-debugsource-1.3.14-150600.3.3.1
* openSUSE Leap 15.6 (x86_64)
* libgraphite2-3-32bit-1.3.14-150600.3.3.1
* libgraphite2-3-32bit-debuginfo-1.3.14-150600.3.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libgraphite2-3-64bit-1.3.14-150600.3.3.1
* libgraphite2-3-64bit-debuginfo-1.3.14-150600.3.3.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
* libgraphite2-3-debuginfo-1.3.14-150600.3.3.1
* graphite2-debuginfo-1.3.14-150600.3.3.1
* libgraphite2-3-1.3.14-150600.3.3.1
* graphite2-devel-1.3.14-150600.3.3.1
* graphite2-debugsource-1.3.14-150600.3.3.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (x86_64)
* libgraphite2-3-32bit-1.3.14-150600.3.3.1
* libgraphite2-3-32bit-debuginfo-1.3.14-150600.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
* libgraphite2-3-debuginfo-1.3.14-150600.3.3.1
* graphite2-debuginfo-1.3.14-150600.3.3.1
* libgraphite2-3-1.3.14-150600.3.3.1
* graphite2-devel-1.3.14-150600.3.3.1
* graphite2-debugsource-1.3.14-150600.3.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (x86_64)
* libgraphite2-3-32bit-1.3.14-150600.3.3.1
* libgraphite2-3-32bit-debuginfo-1.3.14-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2026-50593.html
* https://bugzilla.suse.com/show_bug.cgi?id=1267733



SUSE-SU-2026:2481-1: important: Security update for openvswitch


# Security update for openvswitch

Announcement ID: SUSE-SU-2026:2481-1
Release Date: 2026-06-22T10:55:16Z
Rating: important
References:

* bsc#1262498
* bsc#1262499

Cross-References:

* CVE-2026-5265
* CVE-2026-5367

CVSS scores:

* CVE-2026-5265 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-5265 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
* CVE-2026-5367 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-5367 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for openvswitch fixes the following issues:

* CVE-2026-5265: heap over-read in ICMP error response generation (bsc#1262498).
* CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing (bsc#1262499).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2481=1`

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2481=1`

* SUSE Linux Enterprise Server 15 SP5 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2481=1`

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2481=1`

* SUSE Linux Enterprise Server 15 SP4 LTSS
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2481=1`

* openSUSE Leap 15.4
  `zypper in -t patch SUSE-2026-2481=1`

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2481=1`

## Package List:

* openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64)
* openvswitch-devel-2.14.2-150400.24.35.1
* openvswitch-test-2.14.2-150400.24.35.1
* ovn-vtep-debuginfo-20.06.2-150400.24.35.1
* openvswitch-debuginfo-2.14.2-150400.24.35.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.35.1
* openvswitch-debugsource-2.14.2-150400.24.35.1
* ovn-host-20.06.2-150400.24.35.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.35.1
* ovn-debuginfo-20.06.2-150400.24.35.1
* libopenvswitch-2_14-0-2.14.2-150400.24.35.1
* ovn-host-debuginfo-20.06.2-150400.24.35.1
* openvswitch-2.14.2-150400.24.35.1
* ovn-central-debuginfo-20.06.2-150400.24.35.1
* openvswitch-test-debuginfo-2.14.2-150400.24.35.1
* openvswitch-pki-2.14.2-150400.24.35.1
* python3-ovs-2.14.2-150400.24.35.1
* libovn-20_06-0-20.06.2-150400.24.35.1
* ovn-20.06.2-150400.24.35.1
* openvswitch-ipsec-2.14.2-150400.24.35.1
* ovn-vtep-20.06.2-150400.24.35.1
* openvswitch-vtep-2.14.2-150400.24.35.1
* ovn-docker-20.06.2-150400.24.35.1
* ovn-central-20.06.2-150400.24.35.1
* ovn-devel-20.06.2-150400.24.35.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.35.1
* openSUSE Leap 15.4 (noarch)
* ovn-doc-20.06.2-150400.24.35.1
* openvswitch-doc-2.14.2-150400.24.35.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* openvswitch-devel-2.14.2-150400.24.35.1
* openvswitch-test-2.14.2-150400.24.35.1
* ovn-vtep-debuginfo-20.06.2-150400.24.35.1
* openvswitch-debuginfo-2.14.2-150400.24.35.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.35.1
* openvswitch-debugsource-2.14.2-150400.24.35.1
* ovn-host-20.06.2-150400.24.35.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.35.1
* ovn-debuginfo-20.06.2-150400.24.35.1
* libopenvswitch-2_14-0-2.14.2-150400.24.35.1
* ovn-host-debuginfo-20.06.2-150400.24.35.1
* openvswitch-2.14.2-150400.24.35.1
* ovn-central-debuginfo-20.06.2-150400.24.35.1
* openvswitch-test-debuginfo-2.14.2-150400.24.35.1
* openvswitch-pki-2.14.2-150400.24.35.1
* python3-ovs-2.14.2-150400.24.35.1
* libovn-20_06-0-20.06.2-150400.24.35.1
* ovn-20.06.2-150400.24.35.1
* openvswitch-ipsec-2.14.2-150400.24.35.1
* ovn-vtep-20.06.2-150400.24.35.1
* openvswitch-vtep-2.14.2-150400.24.35.1
* ovn-docker-20.06.2-150400.24.35.1
* ovn-central-20.06.2-150400.24.35.1
* ovn-devel-20.06.2-150400.24.35.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.35.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* openvswitch-devel-2.14.2-150400.24.35.1
* openvswitch-test-2.14.2-150400.24.35.1
* ovn-vtep-debuginfo-20.06.2-150400.24.35.1
* openvswitch-debuginfo-2.14.2-150400.24.35.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.35.1
* openvswitch-debugsource-2.14.2-150400.24.35.1
* ovn-host-20.06.2-150400.24.35.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.35.1
* ovn-debuginfo-20.06.2-150400.24.35.1
* libopenvswitch-2_14-0-2.14.2-150400.24.35.1
* ovn-host-debuginfo-20.06.2-150400.24.35.1
* openvswitch-2.14.2-150400.24.35.1
* ovn-central-debuginfo-20.06.2-150400.24.35.1
* openvswitch-test-debuginfo-2.14.2-150400.24.35.1
* openvswitch-pki-2.14.2-150400.24.35.1
* python3-ovs-2.14.2-150400.24.35.1
* libovn-20_06-0-20.06.2-150400.24.35.1
* ovn-20.06.2-150400.24.35.1
* openvswitch-ipsec-2.14.2-150400.24.35.1
* ovn-vtep-20.06.2-150400.24.35.1
* openvswitch-vtep-2.14.2-150400.24.35.1
* ovn-docker-20.06.2-150400.24.35.1
* ovn-central-20.06.2-150400.24.35.1
* ovn-devel-20.06.2-150400.24.35.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.35.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
* openvswitch-devel-2.14.2-150400.24.35.1
* openvswitch-test-2.14.2-150400.24.35.1
* ovn-vtep-debuginfo-20.06.2-150400.24.35.1
* openvswitch-debuginfo-2.14.2-150400.24.35.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.35.1
* openvswitch-debugsource-2.14.2-150400.24.35.1
* ovn-host-20.06.2-150400.24.35.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.35.1
* ovn-debuginfo-20.06.2-150400.24.35.1
* libopenvswitch-2_14-0-2.14.2-150400.24.35.1
* ovn-host-debuginfo-20.06.2-150400.24.35.1
* ovn-central-debuginfo-20.06.2-150400.24.35.1
* openvswitch-2.14.2-150400.24.35.1
* openvswitch-test-debuginfo-2.14.2-150400.24.35.1
* openvswitch-pki-2.14.2-150400.24.35.1
* python3-ovs-2.14.2-150400.24.35.1
* libovn-20_06-0-20.06.2-150400.24.35.1
* ovn-20.06.2-150400.24.35.1
* openvswitch-ipsec-2.14.2-150400.24.35.1
* ovn-vtep-20.06.2-150400.24.35.1
* openvswitch-vtep-2.14.2-150400.24.35.1
* ovn-docker-20.06.2-150400.24.35.1
* ovn-central-20.06.2-150400.24.35.1
* ovn-devel-20.06.2-150400.24.35.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.35.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* openvswitch-devel-2.14.2-150400.24.35.1
* openvswitch-test-2.14.2-150400.24.35.1
* ovn-vtep-debuginfo-20.06.2-150400.24.35.1
* openvswitch-debuginfo-2.14.2-150400.24.35.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.35.1
* openvswitch-debugsource-2.14.2-150400.24.35.1
* ovn-host-20.06.2-150400.24.35.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.35.1
* ovn-debuginfo-20.06.2-150400.24.35.1
* libopenvswitch-2_14-0-2.14.2-150400.24.35.1
* ovn-host-debuginfo-20.06.2-150400.24.35.1
* ovn-central-debuginfo-20.06.2-150400.24.35.1
* openvswitch-2.14.2-150400.24.35.1
* openvswitch-test-debuginfo-2.14.2-150400.24.35.1
* openvswitch-pki-2.14.2-150400.24.35.1
* python3-ovs-2.14.2-150400.24.35.1
* libovn-20_06-0-20.06.2-150400.24.35.1
* ovn-20.06.2-150400.24.35.1
* openvswitch-ipsec-2.14.2-150400.24.35.1
* ovn-vtep-20.06.2-150400.24.35.1
* openvswitch-vtep-2.14.2-150400.24.35.1
* ovn-docker-20.06.2-150400.24.35.1
* ovn-central-20.06.2-150400.24.35.1
* ovn-devel-20.06.2-150400.24.35.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.35.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* openvswitch-devel-2.14.2-150400.24.35.1
* openvswitch-test-2.14.2-150400.24.35.1
* ovn-vtep-debuginfo-20.06.2-150400.24.35.1
* openvswitch-debuginfo-2.14.2-150400.24.35.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.35.1
* openvswitch-debugsource-2.14.2-150400.24.35.1
* ovn-host-20.06.2-150400.24.35.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.35.1
* ovn-debuginfo-20.06.2-150400.24.35.1
* libopenvswitch-2_14-0-2.14.2-150400.24.35.1
* ovn-host-debuginfo-20.06.2-150400.24.35.1
* openvswitch-2.14.2-150400.24.35.1
* ovn-central-debuginfo-20.06.2-150400.24.35.1
* openvswitch-test-debuginfo-2.14.2-150400.24.35.1
* openvswitch-pki-2.14.2-150400.24.35.1
* python3-ovs-2.14.2-150400.24.35.1
* libovn-20_06-0-20.06.2-150400.24.35.1
* ovn-20.06.2-150400.24.35.1
* openvswitch-ipsec-2.14.2-150400.24.35.1
* ovn-vtep-20.06.2-150400.24.35.1
* openvswitch-vtep-2.14.2-150400.24.35.1
* ovn-docker-20.06.2-150400.24.35.1
* ovn-central-20.06.2-150400.24.35.1
* ovn-devel-20.06.2-150400.24.35.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.35.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* openvswitch-devel-2.14.2-150400.24.35.1
* openvswitch-test-2.14.2-150400.24.35.1
* ovn-vtep-debuginfo-20.06.2-150400.24.35.1
* openvswitch-debuginfo-2.14.2-150400.24.35.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.35.1
* openvswitch-debugsource-2.14.2-150400.24.35.1
* ovn-host-20.06.2-150400.24.35.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.35.1
* ovn-debuginfo-20.06.2-150400.24.35.1
* libopenvswitch-2_14-0-2.14.2-150400.24.35.1
* ovn-host-debuginfo-20.06.2-150400.24.35.1
* openvswitch-2.14.2-150400.24.35.1
* ovn-central-debuginfo-20.06.2-150400.24.35.1
* openvswitch-test-debuginfo-2.14.2-150400.24.35.1
* openvswitch-pki-2.14.2-150400.24.35.1
* python3-ovs-2.14.2-150400.24.35.1
* libovn-20_06-0-20.06.2-150400.24.35.1
* ovn-20.06.2-150400.24.35.1
* openvswitch-ipsec-2.14.2-150400.24.35.1
* ovn-vtep-20.06.2-150400.24.35.1
* openvswitch-vtep-2.14.2-150400.24.35.1
* ovn-docker-20.06.2-150400.24.35.1
* ovn-central-20.06.2-150400.24.35.1
* ovn-devel-20.06.2-150400.24.35.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.35.1

## References:

* https://www.suse.com/security/cve/CVE-2026-5265.html
* https://www.suse.com/security/cve/CVE-2026-5367.html
* https://bugzilla.suse.com/show_bug.cgi?id=1262498
* https://bugzilla.suse.com/show_bug.cgi?id=1262499



SUSE-SU-2026:2483-1: important: Security update for python-python-multipart


# Security update for python-python-multipart

Announcement ID: SUSE-SU-2026:2483-1
Release Date: 2026-06-22T11:54:04Z
Rating: important
References:

* bsc#1268488
* bsc#1268496
* bsc#1268500
* bsc#1268506

Cross-References:

* CVE-2026-53537
* CVE-2026-53538
* CVE-2026-53539
* CVE-2026-53540

CVSS scores:

* CVE-2026-53537 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-53537 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-53538 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-53538 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-53539 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-53539 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-53540 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-53540 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for python-python-multipart fixes the following issues:

* CVE-2026-53537: multipart/form-data with extended parameters can lead to file or parameter smuggling (bsc#1268506).
* CVE-2026-53538: urlencoded requests containing semicolons can lead to form field smuggling (bsc#1268496).
* CVE-2026-53539: small crafted body can cause a denial of service (bsc#1268500).
* CVE-2026-53540: crafted request buffers can lead to degrading availability (bsc#1268488).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  `zypper in -t patch SUSE-2026-2483=1`

## Package List:

* openSUSE Leap 15.6 (noarch)
* python311-python-multipart-0.0.9-150600.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2026-53537.html
* https://www.suse.com/security/cve/CVE-2026-53538.html
* https://www.suse.com/security/cve/CVE-2026-53539.html
* https://www.suse.com/security/cve/CVE-2026-53540.html
* https://bugzilla.suse.com/show_bug.cgi?id=1268488
* https://bugzilla.suse.com/show_bug.cgi?id=1268496
* https://bugzilla.suse.com/show_bug.cgi?id=1268500
* https://bugzilla.suse.com/show_bug.cgi?id=1268506



SUSE-SU-2026:2487-1: important: Security update for rmt-server


# Security update for rmt-server

Announcement ID: SUSE-SU-2026:2487-1
Release Date: 2026-06-22T12:08:32Z
Rating: important
References:

* bsc#1246976
* bsc#1261388
* bsc#1261398
* bsc#1261406
* bsc#1261417
* bsc#1261426
* bsc#1261436
* bsc#1261447
* bsc#1261458
* bsc#1261466
* bsc#1261471

Cross-References:

* CVE-2026-26961
* CVE-2026-26962
* CVE-2026-34230
* CVE-2026-34763
* CVE-2026-34785
* CVE-2026-34786
* CVE-2026-34826
* CVE-2026-34829
* CVE-2026-34830
* CVE-2026-34831

CVSS scores:

* CVE-2026-26961 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-26961 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-26961 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-26961 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-26962 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-26962 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-26962 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-26962 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-34230 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-34230 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-34230 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34230 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-34763 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34763 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34763 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2026-34785 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-34785 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-34786 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34786 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-34786 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2026-34826 ( SUSE ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2026-34826 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-34826 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34826 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-34829 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-34829 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34829 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-34830 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34830 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-34830 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-34830 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-34831 ( SUSE ): 6.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2026-34831 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-34831 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2026-34831 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 10 vulnerabilities and has one security fix can now be
installed.

## Description:

This update for rmt-server fixes the following issues:

* CVE-2026-26961: rack: mismatch in header handling can allow smuggling of
multipart content (bsc#1261398).
* CVE-2026-26962: rack: improper unfolding of folded multipart headers can
lead to header injection or response splitting (bsc#1261471).
* CVE-2026-34230: rack: crafted Accept-Encoding header can cause a denial of
service (bsc#1261388).
* CVE-2026-34763: rack: failure of prefix stripping can lead to
information disclosure (bsc#1261406).
* CVE-2026-34785: rack: prefix matching can expose unintended files under the
static root (bsc#1261417).
* CVE-2026-34786: rack: URL-encoded path mismatch can lead to `header_rules`
bypass (bsc#1261426).
* CVE-2026-34826: rack: multipart byte range processing can allow denial of
service (bsc#1261436).
* CVE-2026-34829: rack: multipart parsing without `Content-Length` header
allows unbounded chunked file uploads (bsc#1261447).
* CVE-2026-34830: rack: crafted `X-Accel-Mapping` headers can lead to regex
injection (bsc#1261458).
* CVE-2026-34831: rack: `Content-Length` mismatch can lead to incorrectly
framed error responses (bsc#1261466).

Changes for rmt-server:

* Updated to version 2.27

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2487=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2487=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2487=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2026-2487=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2487=1

* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2026-2487=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2026-2487=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2487=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2487=1

## Package List:

* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * rmt-server-debugsource-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-pubcloud-2.27-150500.3.47.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64)
  * rmt-server-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-config-2.27-150500.3.47.1
  * rmt-server-debugsource-2.27-150500.3.47.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * rmt-server-debugsource-2.27-150500.3.47.1
  * rmt-server-2.27-150500.3.47.1
  * rmt-server-config-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-pubcloud-2.27-150500.3.47.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * rmt-server-debugsource-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-pubcloud-2.27-150500.3.47.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * rmt-server-debugsource-2.27-150500.3.47.1
  * rmt-server-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-config-2.27-150500.3.47.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64)
  * rmt-server-debugsource-2.27-150500.3.47.1
  * rmt-server-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-config-2.27-150500.3.47.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64)
  * rmt-server-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-config-2.27-150500.3.47.1
  * rmt-server-debugsource-2.27-150500.3.47.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * rmt-server-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-config-2.27-150500.3.47.1
  * rmt-server-debugsource-2.27-150500.3.47.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
  * rmt-server-2.27-150500.3.47.1
  * rmt-server-debuginfo-2.27-150500.3.47.1
  * rmt-server-config-2.27-150500.3.47.1
  * rmt-server-debugsource-2.27-150500.3.47.1

## References:

* https://www.suse.com/security/cve/CVE-2026-26961.html
* https://www.suse.com/security/cve/CVE-2026-26962.html
* https://www.suse.com/security/cve/CVE-2026-34230.html
* https://www.suse.com/security/cve/CVE-2026-34763.html
* https://www.suse.com/security/cve/CVE-2026-34785.html
* https://www.suse.com/security/cve/CVE-2026-34786.html
* https://www.suse.com/security/cve/CVE-2026-34826.html
* https://www.suse.com/security/cve/CVE-2026-34829.html
* https://www.suse.com/security/cve/CVE-2026-34830.html
* https://www.suse.com/security/cve/CVE-2026-34831.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246976
* https://bugzilla.suse.com/show_bug.cgi?id=1261388
* https://bugzilla.suse.com/show_bug.cgi?id=1261398
* https://bugzilla.suse.com/show_bug.cgi?id=1261406
* https://bugzilla.suse.com/show_bug.cgi?id=1261417
* https://bugzilla.suse.com/show_bug.cgi?id=1261426
* https://bugzilla.suse.com/show_bug.cgi?id=1261436
* https://bugzilla.suse.com/show_bug.cgi?id=1261447
* https://bugzilla.suse.com/show_bug.cgi?id=1261458
* https://bugzilla.suse.com/show_bug.cgi?id=1261466
* https://bugzilla.suse.com/show_bug.cgi?id=1261471



SUSE-SU-2026:2486-1: important: Security update for python-urllib3


# Security update for python-urllib3

Announcement ID: SUSE-SU-2026:2486-1
Release Date: 2026-06-22T12:07:44Z
Rating: important
References:

* bsc#1265267

Cross-References:

* CVE-2026-44431

CVSS scores:

* CVE-2026-44431 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-44431 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-44431 ( NVD ): 8.2
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2026-44431 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP5 LTSS
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-urllib3 fixes the following issue:

* CVE-2026-44431: sensitive information disclosure due to sensitive headers
being forwarded across origins in proxied low-level redirects (bsc#1265267).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2486=1

* SUSE Linux Enterprise Server 15 SP5 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-2486=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-2486=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2026-2486=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-2486=1

* Python 3 Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2026-2486=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-2486=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-2486=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2486=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-2486=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-2486=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-2486=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-2486=1

## Package List:

* Python 3 Module 15-SP7 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise Server 15 SP5 LTSS (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* openSUSE Leap 15.4 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* Public Cloud Module 15-SP4 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * python311-urllib3-2.0.7-150400.7.30.1

## References:

* https://www.suse.com/security/cve/CVE-2026-44431.html
* https://bugzilla.suse.com/show_bug.cgi?id=1265267



openSUSE-SU-2026:0211-1: important: Security update for python-nltk


openSUSE Security Update: Security update for python-nltk
_______________________________

Announcement ID: openSUSE-SU-2026:0211-1
Rating: important
References: #1268526
Cross-References: CVE-2026-54293
Affected Products:
openSUSE Backports SLE-15-SP7
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for python-nltk fixes the following issues:

- CVE-2026-54293: URL-Encoded Path Traversal in nltk.data.load() Allows
Arbitrary Local File Read (boo#1268526)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-211=1

Package List:

- openSUSE Backports SLE-15-SP7 (noarch):

python3-nltk-3.7-bp157.3.12.1

References:

https://www.suse.com/security/cve/CVE-2026-54293.html
https://bugzilla.suse.com/1268526



SUSE-SU-2026:2489-1: moderate: Security update for postfix


# Security update for postfix

Announcement ID: SUSE-SU-2026:2489-1
Release Date: 2026-06-22T12:16:27Z
Rating: moderate
References:

* bsc#1264062

Cross-References:

* CVE-2026-43964

CVSS scores:

* CVE-2026-43964 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-43964 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-43964 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2026-43964 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.3

An update that solves one vulnerability can now be installed.

## Description:

This update for postfix fixes the following issue:

* CVE-2026-43964: buffer overread and process crash via an enhanced status
code that lacks text after the third number (bsc#1264062).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2026-2489=1

## Package List:

* openSUSE Leap 15.3 (aarch64 i586 ppc64le s390x x86_64)
  * postfix-postgresql-debuginfo-3.5.9-150300.5.20.1
  * postfix-postgresql-3.5.9-150300.5.20.1
  * postfix-mysql-debuginfo-3.5.9-150300.5.20.1
  * postfix-bdb-lmdb-debuginfo-3.5.9-150300.5.20.1
  * postfix-bdb-debuginfo-3.5.9-150300.5.20.1
  * postfix-devel-3.5.9-150300.5.20.1
  * postfix-debugsource-3.5.9-150300.5.20.1
  * postfix-ldap-3.5.9-150300.5.20.1
  * postfix-debuginfo-3.5.9-150300.5.20.1
  * postfix-bdb-3.5.9-150300.5.20.1
  * postfix-ldap-debuginfo-3.5.9-150300.5.20.1
  * postfix-3.5.9-150300.5.20.1
  * postfix-bdb-debugsource-3.5.9-150300.5.20.1
  * postfix-bdb-lmdb-3.5.9-150300.5.20.1
  * postfix-mysql-3.5.9-150300.5.20.1
* openSUSE Leap 15.3 (noarch)
  * postfix-doc-3.5.9-150300.5.20.1

## References:

* https://www.suse.com/security/cve/CVE-2026-43964.html
* https://bugzilla.suse.com/show_bug.cgi?id=1264062



SUSE-SU-2026:2490-1: important: Security update for libarchive


# Security update for libarchive

Announcement ID: SUSE-SU-2026:2490-1
Release Date: 2026-06-22T12:34:32Z
Rating: important
References:

* bsc#1253088
* bsc#1259635
* bsc#1259928
* bsc#1259931
* bsc#1261186

Cross-References:

* CVE-2025-60753
* CVE-2026-4111
* CVE-2026-4424
* CVE-2026-4426
* CVE-2026-5121

CVSS scores:

* CVE-2025-60753 ( SUSE ): 5.6
CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-60753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-60753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-4111 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2026-4111 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-4111 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2026-4424 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2026-4424 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-4424 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2026-4426 ( SUSE ): 8.3
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2026-4426 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
* CVE-2026-4426 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2026-5121 ( SUSE ): 6.9
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2026-5121 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
* CVE-2026-5121 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2026-5121 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP7
* Development Tools Module 15-SP7
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server 15 SP6 LTSS
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves five vulnerabilities can now be installed.

## Description:

This update for libarchive fixes the following issues:

* CVE-2025-60753: bsdtar hangs and OOMs with zero-length pattern matches
(bsc#1253088).
* CVE-2026-4111: logical deadlock between the RAR5 filter subsystem and the
half-window output limiter leads to infinite loop and DoS (bsc#1259635).
* CVE-2026-4424: information disclosure via heap out-of-bounds read in RAR
archive processing (bsc#1259928).
* CVE-2026-4426: undefined behavior due to unvalidated operand in shift
expression of the zisofs decompression code (bsc#1259931).
* CVE-2026-5121: arbitrary code execution via integer overflow in ISO9660
image processing (bsc#1261186).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Development Tools Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2026-2490=1

* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2490=1

* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-2490=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-2490=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-2490=1

## Package List:

* openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64)
  * libarchive13-3.7.2-150600.3.20.1
  * bsdtar-debuginfo-3.7.2-150600.3.20.1
  * libarchive-devel-3.7.2-150600.3.20.1
  * libarchive13-debuginfo-3.7.2-150600.3.20.1
  * bsdtar-3.7.2-150600.3.20.1
  * libarchive-debugsource-3.7.2-150600.3.20.1
* openSUSE Leap 15.6 (x86_64)
  * libarchive13-32bit-debuginfo-3.7.2-150600.3.20.1
  * libarchive13-32bit-3.7.2-150600.3.20.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libarchive13-64bit-3.7.2-150600.3.20.1
  * libarchive13-64bit-debuginfo-3.7.2-150600.3.20.1
* SUSE Linux Enterprise Server 15 SP6 LTSS (aarch64 ppc64le s390x x86_64)
  * libarchive13-3.7.2-150600.3.20.1
  * bsdtar-debuginfo-3.7.2-150600.3.20.1
  * libarchive-devel-3.7.2-150600.3.20.1
  * libarchive13-debuginfo-3.7.2-150600.3.20.1
  * bsdtar-3.7.2-150600.3.20.1
  * libarchive-debugsource-3.7.2-150600.3.20.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64)
  * libarchive13-3.7.2-150600.3.20.1
  * bsdtar-debuginfo-3.7.2-150600.3.20.1
  * libarchive-devel-3.7.2-150600.3.20.1
  * libarchive13-debuginfo-3.7.2-150600.3.20.1
  * bsdtar-3.7.2-150600.3.20.1
  * libarchive-debugsource-3.7.2-150600.3.20.1
* Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * bsdtar-debuginfo-3.7.2-150600.3.20.1
  * bsdtar-3.7.2-150600.3.20.1
  * libarchive-debugsource-3.7.2-150600.3.20.1
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * libarchive13-debuginfo-3.7.2-150600.3.20.1
  * libarchive-devel-3.7.2-150600.3.20.1
  * libarchive-debugsource-3.7.2-150600.3.20.1
  * libarchive13-3.7.2-150600.3.20.1

## References:

* https://www.suse.com/security/cve/CVE-2025-60753.html
* https://www.suse.com/security/cve/CVE-2026-4111.html
* https://www.suse.com/security/cve/CVE-2026-4424.html
* https://www.suse.com/security/cve/CVE-2026-4426.html
* https://www.suse.com/security/cve/CVE-2026-5121.html
* https://bugzilla.suse.com/show_bug.cgi?id=1253088
* https://bugzilla.suse.com/show_bug.cgi?id=1259635
* https://bugzilla.suse.com/show_bug.cgi?id=1259928
* https://bugzilla.suse.com/show_bug.cgi?id=1259931
* https://bugzilla.suse.com/show_bug.cgi?id=1261186